CI/CD script injection via untrusted PR/issue body + unpinned third-party actions

March 22, 2026 ยท #132
View on GitHub
TypeScript Difficulty: Medium

Labels

good first issue security area/ci-cd

Parent Repository

clawwork-ai/ClawWork

TypeScript repository

446 46
All Issues Back to ClawWork

Sign in required

Authenticate to use favourites & bookmarks

5