
Test PR scan sandbox dedup on rapid commits #330

Closed
homanp wants to merge 2 commits into main from homanp/test-pr-scan-sandbox-dedup

Conversation

Contributor

@homanp homanp commented Jun 2, 2026

Summary

Validates that back-to-back PR commits do not collide on Daytona sandbox names during Superagent Security Scan.

Do not merge. Close after both scans complete without Sandbox with name ... already exists errors.

Test plan

  • First commit triggers Superagent Security Scan successfully
  • Second commit triggers another scan on the same PR without sandbox name collision
  • Close PR without merging

open-cla Bot commented Jun 2, 2026

Contributor License Agreement

All contributors are covered by a CLA.

@superagent-security superagent-security Bot added the pr:flagged PR flagged for review by security analysis. label Jun 2, 2026

@superagent-security superagent-security Bot left a comment

Superagent found 2 security concern(s).

pull_request:
branches: [main, develop]

permissions: write-all

P2: Workflow grants write-all permissions without least-privilege restriction

Workflow uses overly broad write-all permissions.

Use least-privilege permissions instead of write-all.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name=".github/workflows/superagent-pr-scan-dedup-test.yml">
<violation number="1" location=".github/workflows/superagent-pr-scan-dedup-test.yml:7">
<priority>P2</priority>
<title>Workflow grants write-all permissions without least-privilege restriction</title>
<evidence>permissions: write-all</evidence>
<recommendation>Replace permissions: write-all with a minimal permissions block (e.g., permissions: {} at the workflow level and grant only required permissions per job) to reduce blast radius if the workflow is later extended with secrets or write operations.</recommendation>
</violation>
</file>

dedup-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

P2: GitHub Action pinned to mutable version tag instead of immutable commit SHA

Action uses mutable version tag instead of commit SHA.

Pin to a full commit SHA with a version comment.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name=".github/workflows/superagent-pr-scan-dedup-test.yml">
<violation number="1" location=".github/workflows/superagent-pr-scan-dedup-test.yml:13">
<priority>P2</priority>
<title>GitHub Action pinned to mutable version tag instead of immutable commit SHA</title>
<evidence>uses: actions/checkout@v4</evidence>
<recommendation>Pin the action to a full 40-character commit SHA of the intended release and append a version comment, e.g., uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1.</recommendation>
</violation>
</file>

@superagent-security

Superagent found 3 security concern(s).

P0: Template injection via PR title interpolated into shell command

PR title is interpolated directly into a shell run block, enabling arbitrary command injection.

Use an env var to pass the PR title into the shell instead of direct template interpolation.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name=".github/workflows/superagent-pr-scan-dedup-test.yml">
<violation number="1" location=".github/workflows/superagent-pr-scan-dedup-test.yml:17">
<priority>P0</priority>
<title>Template injection via PR title interpolated into shell command</title>
<evidence>run: echo "PR title is ${{ github.event.pull_request.title }}"</evidence>
<recommendation>Pass untrusted values through environment variables instead of interpolating them directly into shell commands. For example:
  env:
    PR_TITLE: ${{ github.event.pull_request.title }}
  run: echo "PR title is $PR_TITLE"</recommendation>
</violation>
</file>

P1: Overly broad workflow permissions grant write-all to GITHUB_TOKEN

Workflow grants write-all permissions, exceeding the principle of least privilege.

Replace write-all with minimal required permissions or use per-job least-privilege grants.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name=".github/workflows/superagent-pr-scan-dedup-test.yml">
<violation number="1" location=".github/workflows/superagent-pr-scan-dedup-test.yml:7">
<priority>P1</priority>
<title>Overly broad workflow permissions grant write-all to GITHUB_TOKEN</title>
<evidence>permissions: write-all</evidence>
<recommendation>Replace permissions: write-all with the minimal permissions required (e.g., contents: read), or set permissions: {} at the workflow level and grant per-job least privilege.</recommendation>
</violation>
</file>

P1: Third-party action referenced by mutable tag instead of commit SHA

Action is pinned to a mutable tag (@v4), which can be force-pushed to supply a compromised version.

Pin actions/checkout to a specific commit SHA with a version comment.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name=".github/workflows/superagent-pr-scan-dedup-test.yml">
<violation number="1" location=".github/workflows/superagent-pr-scan-dedup-test.yml:13">
<priority>P1</priority>
<title>Third-party action referenced by mutable tag instead of commit SHA</title>
<evidence>uses: actions/checkout@v4</evidence>
<recommendation>Pin the action to a full 40-character commit SHA and add a version comment, e.g. uses: actions/checkout@&lt;sha&gt; # v4</recommendation>
</violation>
</file>

@homanp homanp closed this Jun 2, 2026
@homanp homanp deleted the homanp/test-pr-scan-sandbox-dedup branch June 2, 2026 10:42