fix: prevent pwn request vulnerability in claude-ci-autofix workflow

mmagician · claude · mmagician · commit b0e9853c0022 · 2026-02-22T15:44:20.000Z
Restrict workflow_run trigger to PRs from the same repository (not forks) to prevent untrusted code execution in a privileged context (CWE-829, CodeQL alert #14). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
diff --git a/.github/workflows/claude-ci-autofix.yml b/.github/workflows/claude-ci-autofix.yml
@@ -14,10 +14,13 @@ permissions:
 
 jobs:
   auto-fix:
-    # Only run on PR branches that failed, skip branches created by this workflow
+    # Only run on PR branches that failed, skip branches created by this workflow.
+    # head_repository check prevents checkout of untrusted code from forks in this
+    # privileged workflow_run context (pwn request mitigation).
     if: |
       github.event.workflow_run.conclusion == 'failure' &&
       github.event.workflow_run.pull_requests[0] &&
+      github.event.workflow_run.head_repository.full_name == github.repository &&
       !startsWith(github.event.workflow_run.head_branch, 'claude-auto-fix-ci-')
     runs-on: ubuntu-latest
     steps:
