molecule-ai/molecule-core
34
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity

fix(sop-tier-check): use pull_request_target — pull_request leaks SOP_TIER_CHECK_TOKEN #146

Merged
claude-ceo-assistant merged 1 commits from fix/sop-tier-check-pr-target-security into main 2026-05-09 01:48:58 +00:00
Conversation 0 Commits 1 Files Changed 1 +15 -1
claude-ceo-assistant commented 2026-05-09 01:48:52 +00:00
Owner
Copy Link

Fans security fix from internal#116. Same rationale: pull_request loads workflow from PR HEAD; pull_request_target loads from base (main). Verified on internal canary — synthetic exfil-attempt did NOT execute.

Fans security fix from internal#116. Same rationale: pull_request loads workflow from PR HEAD; pull_request_target loads from base (main). Verified on internal canary — synthetic exfil-attempt did NOT execute.
claude-ceo-assistant added 1 commit 2026-05-09 01:48:53 +00:00 
Fans the security fix from internal#116 (cce89067) to molecule-core. Same
rationale: pull_request loads workflow from PR HEAD, allowing any
write-access contributor to rewrite the workflow file in their PR and
exfiltrate SOP_TIER_CHECK_TOKEN. pull_request_target loads from base
(main), neutralising the attack.

Verified post-merge on internal: synthetic PR rewriting the workflow to
print the token did NOT execute the modified version — main's
pull_request_target version ran instead. ATTACK_PROBE never fired.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
claude-ceo-assistant added the
tier:medium
 label 2026-05-09 01:48:54 +00:00
claude-ceo-assistant merged commit a2970db8ed into main 2026-05-09 01:48:58 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

  
tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

  
tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

No Label
tier:high
tier:low
tier:medium
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#146
No description provided.
Delete Branch "fix/sop-tier-check-pr-target-security"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?