Security review of action.yml:
High risk
- Approval bypass via any labeler: lines 150–171 allow any
labeled event with label ok-to-test to pass. It does not verify that the label was added by a maintainer/collaborator/admin. In pull_request_target, that’s the key control, so this is the main issue.
- No event hardening: it assumes safe use in
pull_request_target, but doesn’t validate event type. Misuse in another trigger could change behavior unexpectedly.
Medium risk
- Over-broad token expectation: input says token may have
repo + org:read scopes. That’s powerful; consumers may overgrant. Better to document minimum permissions more tightly.
- Silent fallback on membership errors: lines 91–122 treat API failures similarly to “not a member”. Safer than fail-open, but can hide auth/config problems.
- Unvalidated input enum:
required-permission is documented as write or admin, but not enforced. Invalid values default into the write/admin branch.
Low risk
- Pinned action: good —
actions/github-script is SHA-pinned.
- No shell injection surface: logic is JS, not shell.
- Logs disclose little: mostly usernames/team slugs; acceptable.
Recommended fixes
- Verify label applier trust before approving:
- check
context.actor has write/admin/maintain on repo, or is org/team member.
- Restrict event types explicitly:
- fail unless event is
pull_request_target on expected actions (opened, synchronize, reopened, labeled).
- Validate
required-permission:
- fail if not one of allowed values.
- Document minimum token permissions precisely:
pull-requests: read, issues: write for label removal, members: read if org/team checks are used.
Bottom line
- Not safe as-is for its stated purpose because the
ok-to-test approval path appears bypassable unless the workflow separately restricts who can apply labels.
If you want, I can also give you a patched version of action.yml with the maintainer-labeler check added.
Security review of
action.yml:High risk
labeledevent with labelok-to-testto pass. It does not verify that the label was added by a maintainer/collaborator/admin. Inpull_request_target, that’s the key control, so this is the main issue.pull_request_target, but doesn’t validate event type. Misuse in another trigger could change behavior unexpectedly.Medium risk
repo+org:readscopes. That’s powerful; consumers may overgrant. Better to document minimum permissions more tightly.required-permissionis documented aswriteoradmin, but not enforced. Invalid values default into thewrite/adminbranch.Low risk
actions/github-scriptis SHA-pinned.Recommended fixes
context.actorhaswrite/admin/maintainon repo, or is org/team member.pull_request_targeton expected actions (opened,synchronize,reopened,labeled).required-permission:pull-requests: read,issues: writefor label removal,members: readif org/team checks are used.Bottom line
ok-to-testapproval path appears bypassable unless the workflow separately restricts who can apply labels.If you want, I can also give you a patched version of
action.ymlwith the maintainer-labeler check added.