CI event security semantics
actions/checkout new default blocks untrusted fork code unsafe opt-out expose secrets fork pull request
A sandboxed job must run code from an untrusted fork, but the new actions/checkout default blocks that checkout, and opting out globally with the unsafe setting would expose the workflow's secrets to the fork's code.
Agent Quick Fix
Workflow YAML alone does not encode GitHub's current trust policy for forked refs and privileged events.
Product: actions/checkout
Current-contract area: Intentional fork integration test needs isolated opt-out
Likely root cause: A sandboxed job must run code from an untrusted fork, but the new actions/checkout default blocks that checkout, and opting out globally with the unsafe setting would expose the workflow's secrets to the fork's code.
Repair direction: The verifier checks that untrusted code is never executed with privileged credentials and that the intended trusted ref is the one checked out. Patches that simply expose secrets to fork code are rejected.
Validation Status
Codex searched organically in the validation run. No no-web counterfactual is attached to this page yet.
Symptom
A sandboxed job must run code from an untrusted fork, but the new actions/checkout default blocks that checkout, and opting out globally with the unsafe setting would expose the workflow's secrets to the fork's code.
Why This Happens
Workflow YAML alone does not encode GitHub's current trust policy for forked refs and privileged events.
Verification
The verifier checks that untrusted code is never executed with privileged credentials and that the intended trusted ref is the one checked out. Patches that simply expose secrets to fork code are rejected.
Common Wrong Fixes
- Changing local code without checking the current external contract.
- Retrying the same install, build, or API call with no version/source change.
- Applying a broad unsafe bypass when a narrow compatibility fix is available.
Codex Search Keywords
These are the search terms observed in a neutral Codex validation run for this failure shape.
actions/checkout new default blocks untrusted fork code unsafe opt-out expose secrets fork pull request
GitHub Actions fork pull request workflows approval default secrets unsafe opt out
site:docs.github.com actions pull_request_target checkout fork head secrets warning
GitHub Docs pull_request_target warning checkout head sha fork secrets
docs.github.com pull_request_target untrusted code build run secrets warning
https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows
'pull_request_target' in https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows
Source Trail
GitHub source file/reference:
- Safer pull_request_target defaults for actions/checkout: https://github.blog/changelog/2026-06-18-safer-pull_request_target-defaults-for-github-actions-checkout/
- GitHub source file or repository reference: https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows