Field      Value
Category   CICD-SEC-4
Severity   HIGH
Auto-fix   
Source     Repository configuration

What the check does

Reads GET /repos/{owner}/{repo}/actions/permissions/workflow. Fires when can_approve_pull_request_reviews is true.

Why it matters

This setting fully defeats branch protection’s review requirement when combined with any of the existing CICD-SEC-4 risks:
  1. Attacker injects code that runs in a workflow (poisoned PR title, compromised action).
  2. That workflow uses GITHUB_TOKEN to submit an approving review on the attacker’s own PR.
  3. Branch protection counts the approval — the PR merges.
The whole point of mandatory code review is human judgement. Letting Actions submit approvals turns that into a circular check the attacker controls both sides of.

How to fix

Settings → Actions → General → Workflow permissions → uncheck Allow GitHub Actions to create and approve pull requests. Bots that genuinely need to approve PRs (e.g., dependency-update bots) should use a separate bot account with limited scope, not the implicit GITHUB_TOKEN.
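The check and the fix above, as an added example (not pipefort's own code) against GitHub's documented GET/PUT /repos/{owner}/{repo}/actions/permissions/workflow endpoints; the example-org/example-repo path and the GITHUB_TOKEN and APPLY_FIX environment variables are assumptions.

```python
import json
import os
import urllib.request
from typing import Optional

API = "https://api.github.com"


def evaluate(settings: dict) -> Optional[dict]:
    """CICD-SEC-4 rule over the parsed GET response: a finding if the
    GITHUB_TOKEN may submit approving reviews, else None."""
    if settings.get("can_approve_pull_request_reviews") is True:
        return {"category": "CICD-SEC-4", "severity": "HIGH",
                "message": "Actions can approve PRs; any workflow running "
                           "attacker-influenced code can satisfy required review"}
    return None


def remediation_payload(settings: dict) -> dict:
    """PUT body that flips only the approval flag and keeps the repo's
    existing default_workflow_permissions as it is."""
    return {"default_workflow_permissions": settings["default_workflow_permissions"],
            "can_approve_pull_request_reviews": False}


def call(method: str, path: str, token: str, body: Optional[dict] = None) -> dict:
    """Minimal authenticated GitHub REST call; raises on HTTP errors."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(API + path, data=data, method=method, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
        "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else {}  # PUT answers 204 with an empty body


if __name__ == "__main__":  # placeholders: owner/repo path and GITHUB_TOKEN env var
    path = "/repos/example-org/example-repo/actions/permissions/workflow"
    token = os.environ["GITHUB_TOKEN"]  # needs repository admin scope
    current = call("GET", path, token)
    finding = evaluate(current)
    print(finding or "OK: Actions cannot approve pull requests")
    if finding and os.environ.get("APPLY_FIX") == "1":  # opt in to the auto-fix
        call("PUT", path, token, remediation_payload(current))
```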