JustAppSec

Active exploitation campaign targeting weak GitHub Actions configurations

Published 03 Mar 2026. Source: oss-security (Openwall)

TL;DR - Audit your GitHub Actions workflows now. An automated campaign called "hackerbot-claw" is scanning public repos for pull_request_target misuse and inline shell with unvalidated inputs. It steals the GITHUB_TOKEN and exfiltrates CI secrets at scale.

What happened

GitHub Actions is the CI/CD that millions of repos run on. An OpenSSF Siren advisory on oss-security warns of an active, automated campaign tracked as "hackerbot-claw". It scans public repos for the usual workflow misconfigurations and exploits them for code execution and credential theft.

Target patterns: workflows that use pull_request_target, run untrusted code from forks, embed inline shell scripts with unvalidated inputs, or skip authorization checks. Impact: GITHUB_TOKEN exfiltration, unauthorized pushes, supply-chain compromise.

This isn't theoretical. Active exploitation at scale.

Who is impacted

  • Maintainers and platform engineers operating repositories with GitHub Actions - especially projects with workflows triggered by external contributors (fork PRs).
  • Repositories with overly broad workflow permissions or that execute untrusted code in privileged contexts.

What to do now

  • Avoid pull_request_target where possible; prefer pull_request for unprivileged execution.
  • Do not check out and execute untrusted forked code in privileged workflows.
  • Apply least privilege to GITHUB_TOKEN and workflow permissions (default to contents: read).
  • Pin third-party actions by commit SHA.
  • Sanitize and validate user-controlled input (branch names, PR titles, comments) before use in shell commands.
  • Add authorization checks (e.g., gate execution on trusted author_association).
  • Monitor for suspicious workflow runs and rotate tokens/secrets that may have been exposed.
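
An added example, not from the advisory or from JustAppSec: a heuristic Python audit that checks workflow text against several items on the checklist above. The rule names, regexes and sample workflow are constructed for illustration; it scans lines rather than parsing YAML, so treat each hit as a lead for manual review.

```python
import re

# Constructed sample workflow for illustration; not taken from any real repository.
SAMPLE = """\
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: |
          echo "Testing ${{ github.event.pull_request.title }}"
          make test
"""

# User-controlled contexts the checklist names: branch names, PR titles, comments.
UNTRUSTED = re.compile(r"\$\{\{\s*github\.(head_ref|event\.(pull_request\.(title|body|head\.ref)"
                       r"|issue\.(title|body)|comment\.body))\s*\}\}")
HEAD_CHECKOUT = re.compile(r"^\s*ref:.*github\.(head_ref|event\.pull_request\.head\.)")
# Any non-local `uses:` reference that is not a full 40-hex commit SHA (first-party included).
UNPINNED = re.compile(r"^\s*(?:-\s*)?uses:\s*(?!\./|docker://)(?!\S+@[0-9a-f]{40}(?:\s|$))\S")
RUN = re.compile(r"^(\s*(?:-\s*)?)run:")

def audit_workflow(text):
    """Return sorted (line_no, rule) findings; line 0 means a file-level finding."""
    findings = set()
    privileged = bool(re.search(r"\bpull_request_target\b", text))
    if privileged:
        findings.add((0, "pull_request_target"))
    if not re.search(r"^\s*permissions:", text, re.M):
        findings.add((0, "no-explicit-permissions"))
    run_col = None  # column of the current `run:` key while inside its script body
    for no, line in enumerate(text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        if run_col is not None and line.strip() and indent <= run_col:
            run_col = None  # dedent to a sibling key or next step: script body ended
        m = RUN.match(line)
        if m:
            run_col = len(m.group(1))
        if run_col is not None and UNTRUSTED.search(line):
            findings.add((no, "untrusted-input-in-shell"))
        if privileged and HEAD_CHECKOUT.match(line):
            findings.add((no, "fork-code-in-privileged-workflow"))
        if UNPINNED.match(line):
            findings.add((no, "action-not-pinned-to-sha"))
    return sorted(findings)
```

Values passed to the script through an `env:` mapping and read as shell variables are not flagged, since only expressions expanded inside the `run:` body reach the shell as code.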
