integrating-sast-into-github-actions-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs Semgrep with public registry configs (e.g., "--config auto", "p/owasp-top-ten", "p/cwe-top-25") in SKILL.md and templates and the runtime scripts (scripts/agent.py, scripts/process.py) invoke semgrep and parse its findings to apply quality gates, which means third-party/user-contributed rule content is fetched and can directly influence decisions and tooling behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The GitHub Actions workflows and scripts fetch and run remote action repositories and a container image at runtime (e.g., uses: returntocorp/semgrep-action@v1 -> https://github.com/returntocorp/semgrep-action, actions/checkout@v4 -> https://github.com/actions/checkout, and container image semgrep/semgrep:latest -> docker.io/semgrep/semgrep:latest), which are executed as required dependencies and therefore constitute runtime remote code execution risk.