Granite: Granular Runtime Enforcement for GitHub Actions Permissions

• URL: http://arxiv.org/abs/2512.11602v1
• Date: Fri, 12 Dec 2025 14:38:45 GMT
• Title: Granite: Granular Runtime Enforcement for GitHub Actions Permissions
• Authors: Mojtaba Moazen, Amir. M Ahmadian, Musard Balliu,
• Abstract summary: We present Granite, a proxy-based system that enforces fine-starred permissions for GitHub Actions at the step-level granularity within a job.<n>Our analysis reveals that 52.7% of the jobs can be protected by Granite against permission misuse attacks.
• Score: 2.278720757613755
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Modern software projects use automated CI/CD pipelines to streamline their development, build, and deployment processes. GitHub Actions is a popular CI/CD platform that enables project maintainers to create custom workflows -- collections of jobs composed of sequential steps -- using reusable components known as actions. Wary of the security risks introduced by fully-privileged actions, GitHub provides a job-level permission model for controlling workflow access to repository resources. Unfortunately, this model is too coarse-grained to reduce the attack surface pertaining to permission misuse attacks: All actions within a job share the same permissions granted to the job. This violates the principle of least privilege and can lead to broader software supply chain attacks, whenever a compromised action exploits the granted permissions to compromise the repository resources. In this paper, we present Granite, a runtime proxy-based system that enforces fine-grained permissions for GitHub Actions at the step-level granularity within a job. Granite transparently monitors requests made by JavaScript and composite actions during workflow execution and checks them against predefined step-level policies at runtime. We evaluate Granite in terms of compatibility, security, and performance overhead using a dataset of 500 workflows comprising 12,916 jobs from the most-starred GitHub repositories that use GitHub Actions. Our analysis reveals that 52.7% of the jobs can be protected by Granite against permission misuse attacks. We evaluate Granite on 20 top-starred repositories (63 actions, 58 workflows), validate attack prevention using 10 permission misuse attacks across 42 overprivileged jobs, and measure an average overhead of 55% (3.67 seconds) per job, concluding that Granite effectively reduces CI/CD attack surfaces.

Related papers

• Unpacking Security Scanners for GitHub Actions Workflows [2.046588369793562]
  GitHub Actions is a widely used platform that allows developers to automate the build and deployment of their projects.<n>As the platform's popularity continues to grow, it has become a target of choice for recent software supply chain attacks.<n>Several security scanners have emerged to help developers harden their GitHub Actions.
  arXiv  Detail & Related papers  (2026-01-20T20:25:11Z)
• BashArena: A Control Setting for Highly Privileged AI Agents [1.685485565763117]
  We introduce BashArena, a setting for studying AI control techniques in security-critical environments.<n>BashArena contains 637 Linux system administration and infrastructure engineering tasks in complex, realistic environments.<n>We evaluate multiple frontier LLMs on their ability to complete tasks, perform sabotage undetected, and detect sabotage attempts.
  arXiv  Detail & Related papers  (2025-12-17T18:45:25Z)
• Trace: Securing Smart Contract Repository Against Access Control Vulnerability [58.02691083789239]
  GitHub hosts numerous smart contract repositories containing source code, documentation, and configuration files.<n>Third-party developers often reference, reuse, or fork code from these repositories during custom development.<n>Existing tools for detecting smart contract vulnerabilities are limited in their ability to handle complex repositories.
  arXiv  Detail & Related papers  (2025-10-22T05:18:28Z)
• Bag of Tricks for Subverting Reasoning-based Safety Guardrails [62.139297207938036]
  We present a bag of jailbreak methods that subvert the reasoning-based guardrails.<n>Our attacks span white-, gray-, and black-box settings and range from effortless template manipulations to fully automated optimization.
  arXiv  Detail & Related papers  (2025-10-13T16:16:44Z)
• SwingArena: Competitive Programming Arena for Long-context GitHub Issue Solving [90.32201622392137]
  We present SwingArena, a competitive evaluation framework for Large Language Models (LLMs)<n>Unlike traditional static benchmarks, SwingArena models the collaborative process of software by pairing LLMs as iterations, who generate patches, and reviewers, who create test cases and verify the patches through continuous integration (CI) pipelines.
  arXiv  Detail & Related papers  (2025-05-29T18:28:02Z)
• ARGO-SLSA: Software Supply Chain Security in Argo Workflows [0.0]
  Argonatives is an engine for managing software artifacts in an automated fashion.<n>It does not include built-in functionality for frameworks like Supply-chain Levels for Software Artifacts (SLSA)<n>This paper proposes a provenance controller built on top of Argos to enhance artifact security.
  arXiv  Detail & Related papers  (2025-03-25T21:32:23Z)
• MutaGReP: Execution-Free Repository-Grounded Plan Search for Code-Use [92.28400093066212]
  MutaGReP is an approach to search for plans that decompose a user request into natural language steps grounded in a large code repository.<n>Our plans use less than 5% of the 128K context window for GPT-4o but rival the coding performance of GPT-4o with a context window filled with the repo.
  arXiv  Detail & Related papers  (2025-02-21T18:58:17Z)
• Automatic Categorization of GitHub Actions with Transformers and Few-shot Learning [12.254055731378045]
  GitHub Actions (GHA) have been conceived to provide developers with a practical tool to create and maintain a pipeline. To expose actions to search engines, GitHub allows developers to assign them to one or more categories manually. We propose Gavel, a practical solution to increasing the visibility of actions in GitHub.
  arXiv  Detail & Related papers  (2024-07-24T02:27:36Z)
• MAGIS: LLM-Based Multi-Agent Framework for GitHub Issue Resolution [47.850418420195304]
  Large Language Models (LLMs) have shown promise in code generation but face difficulties in resolving GitHub issues. We propose a novel Multi-Agent framework for GitHub Issue reSolution, MAGIS, consisting of four agents customized for software evolution.
  arXiv  Detail & Related papers  (2024-03-26T17:57:57Z)
• On the effectiveness of Large Language Models for GitHub Workflows [9.82254417875841]
  Large Language Models (LLMs) have demonstrated their effectiveness in various software development tasks. We perform the first comprehensive study to understand the effectiveness of LLMs on five workflow-related tasks with different levels of prompts. Our evaluation of three state-of-art LLMs and their fine-tuned variants revealed various interesting findings on the current effectiveness and drawbacks of LLMs.
  arXiv  Detail & Related papers  (2024-03-19T05:14:12Z)
• PAL: Proxy-Guided Black-Box Attack on Large Language Models [55.57987172146731]
  Large Language Models (LLMs) have surged in popularity in recent months, but they have demonstrated capabilities to generate harmful content when manipulated. We introduce the Proxy-Guided Attack on LLMs (PAL), the first optimization-based attack on LLMs in a black-box query-only setting. Our attack achieves 84% attack success rate (ASR) on GPT-3.5-Turbo and 48% on Llama-2-7B, compared to 4% for the current state of the art.
  arXiv  Detail & Related papers  (2024-02-15T02:54:49Z)
• Enhancing Open-Domain Task-Solving Capability of LLMs via Autonomous Tool Integration from GitHub [79.31134731122462]
  We introduce OpenAct benchmark to evaluate the open-domain task-solving capability, built on human expert consultation and repositories in GitHub.<n>We present OpenAgent, a novel LLM-based agent system that can tackle evolving queries in open domains through autonomously integrating specialized tools from GitHub.
  arXiv  Detail & Related papers  (2023-12-28T15:47:30Z)
• An Empirical Study on Workflows and Security Policies in Popular GitHub Repositories [9.048328480295224]
  In open-source projects, anyone can contribute, so it is important to have an active continuous integration and continuous delivery (CI/CD) pipeline. Many of these projects are hosted on GitHub, where maintainers can create automated security policies. We measure the usage of GitHub and security policies in thousands of popular repositories based on the number of stars.
  arXiv  Detail & Related papers  (2023-05-25T14:52:23Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.