fix: prevent shell injection in summary workflow (#1285)

The gh issue comment command was interpolating the LLM response via ${{ steps.inference.outputs.response }} directly in the shell, allowing single-quote escaping if the response contained untrusted content. RESPONSE was already declared as an env var but unused — now using it. Closes #1285 Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-01 05:13:53 +00:00
parent 3651a34e96
commit fb8c9dbdbe
1 changed files with 1 additions and 1 deletions
@@ -27,7 +27,7 @@ jobs:

      - name: Comment with AI summary
        run: |
-          gh issue comment $ISSUE_NUMBER --body '${{ steps.inference.outputs.response }}'
+          gh issue comment "$ISSUE_NUMBER" --body "$RESPONSE"
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          ISSUE_NUMBER: ${{ github.event.issue.number }}