H3-2025-0018
GitHub Actions Dangerous Bot Conditions
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 6.0 |
Description
Workflows that allow bots such as Dependabot to perform privileged actions, often gated only by a "github.actor" check, can be exploited by attackers using malicious commits.
Impact
An attacker can exploit this trust by creating a pull request whose HEAD commit satisfies github.actor == 'dependabot[bot]' while the rest of the branch history contains malicious code, leading to arbitrary code execution.
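As an added illustration that is not part of the original advisory, the first workflow below has the shape this finding describes, and the second is a safer arrangement; the job names, action versions, `gh` commands and the `github.event.pull_request.user.login` gate are the editor's assumptions (the second follows GitHub's documented Dependabot auto-merge pattern), not something the page prescribes:

```yaml
# Weak: a privileged trigger, a gate on the triggering actor, and execution
# of code taken from the pull request branch. A branch whose HEAD commit
# yields github.actor == 'dependabot[bot]' passes the gate while earlier
# commits on the same branch may contain arbitrary code.
name: dependabot-auto-merge-weak
on: pull_request_target            # runs with a write token and repository secrets
jobs:
  auto-merge:
    runs-on: ubuntu-latest
    if: github.actor == 'dependabot[bot]'   # the check this finding flags
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # untrusted branch content
      - run: npm ci && npm test                            # executes it with privileges
      - run: gh pr merge --auto --squash "$PR_URL"
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_URL: ${{ github.event.pull_request.html_url }}
---
# Safer (assumed hardening): gate on the pull request author rather than the
# triggering actor, never check out or run anything from the PR branch in the
# privileged job, use the pull_request trigger, and grant only the scopes the
# merge itself needs.
name: dependabot-auto-merge-safer
on: pull_request
permissions:
  contents: write
  pull-requests: write
jobs:
  auto-merge:
    runs-on: ubuntu-latest
    if: github.event.pull_request.user.login == 'dependabot[bot]'
    steps:
      # No checkout and no build/test step here: tests belong in a separate,
      # unprivileged pull_request workflow whose status this merge waits on.
      - run: gh pr merge --auto --squash "$PR_URL"
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_URL: ${{ github.event.pull_request.html_url }}
```

Detection of the weak shape reduces to scanning workflow files for an `if` expression comparing `github.actor` to a `[bot]` login inside a job that uses `pull_request_target` or otherwise runs with write permissions and then checks out or executes PR branch content.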