128 changes: 128 additions & 0 deletions .github/workflows/examples/security-review.yml
@@ -0,0 +1,128 @@
name: '🔎 Gemini Review & Security Analysis'
Collaborator

Should we put the file to `~/examples/security-review.yml` like https://github.com/google-github-actions/run-gemini-cli/tree/main/examples?

Contributor Author

Eventually, yes. I think we are waiting for the go-ahead from the run-gemini-cli team to add the security-review. Adding it here so that we can test and then refer to it when we move to the gemini-cli repository.

Collaborator

If we want to test this workflow in our repo, we need to restructure the folder to .github/workflows/security-review.yml. GHA does not support subfolders under .github/workflows/.

We should also temporarily disable the original code review workflow, as it will generate duplicated comments for us.


on:
pull_request:
types:
- 'opened'
issue_comment:
types:
- 'created'

concurrency:
group: '${{ github.workflow }}-review-${{ github.event_name }}-${{ github.event.pull_request.number || github.event.issue.number }}'
cancel-in-progress: true

defaults:
run:
shell: 'bash'

jobs:
review:

🟢 For better stability and to ensure consistent builds, consider pinning the runner version to a specific version (e.g., ubuntu-22.04) instead of using ubuntu-latest.

Suggested change
review:
runs-on: 'ubuntu-22.04'

Comment on lines +19 to +20

🟡 The `if` condition for triggering the review on an issue comment is very specific (`github.event.comment.body == '@gemini-cli /review'`). This means that any extra text in the comment will cause the check to fail. It would be more robust to use the `contains()` function to check for the trigger phrase.
Suggested change
jobs:
review:
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@gemini-cli /review'))

if: |
(github.event_name == 'pull_request' && github.event.action == 'opened') ||
(github.event_name == 'issue_comment' && github.event.comment.body == '@gemini-cli /review')
runs-on: 'ubuntu-latest'
timeout-minutes: 15
permissions:
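
Review bot: The `issue_comment` branch of the `if:` condition tests only the comment body, so any account able to comment can start this job, which then runs with the write scopes declared just below and the secrets handed to the Gemini step. Add a check on `github.event.comment.author_association` (for example OWNER, MEMBER or COLLABORATOR) and on `github.event.issue.pull_request`, because `issue_comment` also fires for comments on plain issues.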

🟡 The id-token permission should be set to read as it is only used for authentication with the Workload Identity Provider. The write permission is not necessary and violates the principle of least privilege.

Suggested change
permissions:
id-token: 'read'

contents: 'read'
id-token: 'write'
issues: 'write'
pull-requests: 'write'
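
Review bot: `id-token: 'write'` has no comment explaining why the job needs it. It is the setting that lets the job request an OIDC token for the `gcp_workload_identity_provider` input further down, and the permission accepts only `write` or `none`, so keep the value and add a one-line comment saying so. The other scopes are already limited to `contents: 'read'` plus write on issues and pull requests.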

LOW Use of outdated GitHub Action

Suggested change
pull-requests: 'write'
uses: 'actions/create-github-app-token@v2'

steps:
- name: 'Mint identity token'
id: 'mint_identity_token'
if: |-

🟡 For better workflow stability and to prevent unexpected changes, it's recommended to pin the version of the action to a specific tag instead of a commit hash.

Suggested change
if: |-
uses: 'actions/create-github-app-token@v1' # ratchet:actions/create-github-app-token@v2

${{ vars.APP_ID }}
uses: 'actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b' # ratchet:actions/create-github-app-token@v2
with:
app-id: '${{ vars.APP_ID }}'
private-key: '${{ secrets.APP_PRIVATE_KEY }}'
permission-contents: 'read'
permission-issues: 'write'
permission-pull-requests: 'write'


🟢 The secrets.GITHUB_TOKEN and github.token are redundant. You can simplify this by just using github.token.

Suggested change
GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || github.token }}'

- name: 'Acknowledge request'
env:
GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}'
ISSUE_NUMBER: '${{ github.event.pull_request.number || github.event.issue.number }}'
MESSAGE: |-
🤖 Hi @${{ github.actor }}, I've received your request, and I'm working on it now! You can track my progress [in the logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for more details.

LOW Use of outdated GitHub Action

Suggested change
🤖 Hi @${{ github.actor }}, I've received your request, and I'm working on it now! You can track my progress [in the logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for more details.
uses: 'actions/checkout@v5'

REPOSITORY: '${{ github.repository }}'
run: |-
gh issue comment "${ISSUE_NUMBER}" \

MEDIUM Use of mutable GitHub Action reference

Suggested change
gh issue comment "${ISSUE_NUMBER}" \
uses: 'google-github-actions/run-gemini-cli@v1'

--body "${MESSAGE}" \

🟠 For security and stability, it's recommended to pin the version of the google-github-actions/run-gemini-cli action to a specific release tag instead of using @main. This prevents unexpected breaking changes or malicious code from being introduced into your workflow.

Suggested change
--body "${MESSAGE}" \
uses: 'google-github-actions/run-gemini-cli@v1' # ratchet:exclude


🟡 For better workflow stability and to prevent unexpected changes, it's recommended to pin the version of the action to a specific tag instead of a commit hash.

Suggested change
--body "${MESSAGE}" \
uses: 'actions/checkout@v4' # ratchet:actions/checkout@v5

--repo "${REPOSITORY}"


🟠 For security and stability, it's a best practice to pin GitHub Actions to a specific version (a git tag or a commit SHA) instead of a branch like `main`. This prevents unexpected changes from breaking your workflow.
Suggested change
uses: 'google-github-actions/run-gemini-cli@v1' # ratchet:exclude

- name: 'Checkout repository'

🟡 For better workflow stability and to prevent unexpected changes from the main branch, it is recommended to use a specific version tag for the google-github-actions/run-gemini-cli action.

Suggested change
- name: 'Checkout repository'
uses: 'google-github-actions/run-gemini-cli@v1' # ratchet:exclude

uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5

- name: 'Run Gemini security analysis review'
uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude
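
Review bot: `uses: 'google-github-actions/run-gemini-cli@main'` with `# ratchet:exclude` is the only action in this file left on a mutable branch ref, and it is the step that receives `GEMINI_API_KEY`, `GOOGLE_API_KEY` and the GitHub token. The two `actions/*` steps above are pinned to full commit SHAs with a ratchet comment; pin this one the same way and drop the exclude.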

🟢 The secrets.GITHUB_TOKEN and github.token are redundant. You can simplify this by just using github.token.

Suggested change
uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude
GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || github.token }}'

id: 'gemini_security_analysis'
env:
GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}'
ISSUE_TITLE: '${{ github.event.pull_request.title || github.event.issue.title }}'
ISSUE_BODY: '${{ github.event.pull_request.body || github.event.issue.body }}'
PULL_REQUEST_NUMBER: '${{ github.event.pull_request.number || github.event.issue.number }}'
REPOSITORY: '${{ github.repository }}'
ADDITIONAL_CONTEXT: '${{ inputs.additional_context }}'
with:
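
Review bot: `ADDITIONAL_CONTEXT: '${{ inputs.additional_context }}'` reads an input this workflow never declares: `on:` lists only `pull_request` and `issue_comment`, so the value is always empty here. Either add a `workflow_call` or `workflow_dispatch` trigger that defines `additional_context`, or remove the variable. Separately, `ISSUE_TITLE` and `ISSUE_BODY` carry author-controlled text to the model; a comment marking them as untrusted would help whoever edits the prompt later.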

Low The workflow uses `google-github-actions/run-gemini-cli@main`, which points to the `main` branch. This is not a secure practice because the `main` branch could be updated with a malicious version of the action.
Suggested change
with:
uses: 'google-github-actions/run-gemini-cli@v1.0.0' # ratchet:exclude

gcp_location: '${{ vars.GOOGLE_CLOUD_LOCATION }}'
gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}'

Medium The GitHub Action 'google-github-actions/run-gemini-cli' is not pinned to a specific commit SHA. This could allow a malicious actor to inject code into the action and compromise the CI/CD pipeline.

Suggested change
gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}'
uses: 'google-github-actions/run-gemini-cli@v1'

gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}'
gemini_api_key: '${{ secrets.GEMINI_API_KEY }}'
gemini_cli_version: '${{ vars.GEMINI_CLI_VERSION }}'
gemini_debug: '${{ fromJSON(vars.DEBUG || vars.ACTIONS_STEP_DEBUG || false) }}'
gemini_model: '${{ vars.GEMINI_MODEL }}'
google_api_key: '${{ secrets.GOOGLE_API_KEY }}'
use_gemini_code_assist: '${{ vars.GOOGLE_GENAI_USE_GCA }}'
use_vertex_ai: '${{ vars.GOOGLE_GENAI_USE_VERTEXAI }}'

Medium The `ADDITIONAL_CONTEXT` input is passed as an environment variable to the `google-github-actions/run-gemini-cli@main` action. This input is likely used in the prompt to the Gemini model. If a user of this reusable workflow provides a malicious string, it could be used to manipulate the model's behavior, leading to a prompt injection vulnerability. The `google-github-actions/run-gemini-cli@main` action should sanitize the `ADDITIONAL_CONTEXT` input to prevent prompt injection. If sanitization is not possible, the action should provide clear documentation about the risk of prompt injection and how to mitigate it.

upload_artifacts: '${{ vars.UPLOAD_ARTIFACTS }}'
extensions: |
[
"https://github.com/gemini-cli-extensions/security.git"
]
settings: |-
{
"model": {
"maxSessionTurns": 100
},
"telemetry": {
"enabled": true,
"target": "local",
"outfile": ".gemini/telemetry.log"
},
"mcpServers": {
"github": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e",
"GITHUB_PERSONAL_ACCESS_TOKEN",
"ghcr.io/github/github-mcp-server:v0.18.0"
],
"includeTools": [
"add_comment_to_pending_review",
"create_pending_pull_request_review",
"pull_request_read",
"submit_pending_pull_request_review"
],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
}
}
},
"tools": {
"core": [
"run_shell_command(cat)",
"run_shell_command(echo)",
"run_shell_command(grep)",
"run_shell_command(head)",
"run_shell_command(tail)"
]
}
}
prompt: '/security:analyze-github-pr'
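
Review bot: The `extensions` entry `https://github.com/gemini-cli-extensions/security.git` names no ref, and the MCP server image is pinned by tag (`ghcr.io/github/github-mcp-server:v0.18.0`) rather than by digest, so both can change without any change to this file. Pin the image with an `@sha256:` digest and, if the `extensions` input accepts one, a tag or commit for the extension; otherwise note the unpinned dependency in a comment next to it.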