CI event security semantics
A sandboxed job must run untrusted fork code, but the new default blocks it and a global unsafe opt-out would expose secrets.
Agent Quick Fix
Repair against the current actions/checkout contract, then keep the change narrow and source-backed.
Product: actions/checkout
Current-contract area: Intentional fork integration test needs isolated opt-out
Likely root cause: A sandboxed job must run untrusted fork code, but the new default blocks it and a global unsafe opt-out would expose secrets.
Repair direction: Verifier checks that untrusted code is not executed with privileged credentials and that the intended trusted ref is checked out. Reject patches that simply expose secrets to fork code.
Symptom
A sandboxed job must run untrusted fork code, but the new default blocks it and a global unsafe opt-out would expose secrets.
Why This Happens
Workflow YAML alone does not encode GitHub's current trust policy for forked refs and privileged events: a pull_request_target run executes in the base repository's context with its secrets, so checking out and executing the fork head there hands untrusted code privileged credentials.
Common Wrong Fixes
- Changing local code without checking the current external contract.
- Retrying the same install, build, or API call with no version/source change.
- Applying a broad unsafe bypass when a narrow compatibility fix is available.
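A narrow fix that keeps the safer default, as an added example not taken from actions/checkout or GitHub's docs: untrusted fork code runs only in a pull_request job (no repository secrets, read-only token), while the pull_request_target job checks out an explicit trusted base ref and never executes fork code. The `make test` target and the comment script are assumed placeholders.

```yaml
# Added example: split trust boundaries across two jobs instead of
# applying a global unsafe opt-out.
name: fork-integration

on:
  pull_request:          # fork PRs: no repository secrets, read-only token
  pull_request_target:   # base-repo context with secrets

permissions:
  contents: read         # least privilege for GITHUB_TOKEN across the workflow

jobs:
  # Sandbox: executes untrusted fork code without privileged credentials.
  sandbox:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Under pull_request the default ref is the PR merge ref; forked PRs
          # get no secrets here, so running the fork's code is contained.
          persist-credentials: false   # leave no token behind in .git/config
      - run: make test                 # assumed: the repository's own test target

  # Privileged: checks out only the trusted base ref, never the fork head.
  report:
    if: github.event_name == 'pull_request_target'
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write             # scoped to what the job actually needs
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.base.sha }}   # explicit trusted ref
          persist-credentials: false
      # Assumed helper: reads PR metadata and posts a comment; it must not
      # fetch, check out, or execute anything from the fork.
      - run: ./scripts/comment-on-pr.sh
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

A reviewer can verify the repair direction from the YAML alone: the only job with secrets never references `head.sha` or `head.ref`, and the only job that runs fork code has no secrets to expose.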
Codex Search Keywords
These are the search terms observed in a neutral Codex validation run for this failure shape.
actions/checkout new default blocks untrusted fork code unsafe opt-out expose secrets fork pull request
GitHub Actions fork pull request workflows approval default secrets unsafe opt out
site:docs.github.com actions pull_request_target checkout fork head secrets warning
GitHub Docs pull_request_target warning checkout head sha fork secrets
docs.github.com pull_request_target untrusted code build run secrets warning
https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows
'pull_request_target' in https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows
Source Trail
GitHub source file/reference:
- Safer pull_request_target defaults for actions/checkout: https://github.blog/changelog/2026-06-18-safer-pull_request_target-defaults-for-github-actions-checkout/
- GitHub source file or repository reference: https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows