Roo Code GitHub Actions Workflow Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in the Roo Code GitHub Actions workflow, specifically in versions 3.26.6 and prior. The issue arises from the workflow's use of unsanitized pull request metadata in a privileged context, which allowed attackers to inject malicious input and execute arbitrary commands on the Actions runner. This vulnerability is particularly concerning because the workflow operates with broad permissions and access to repository secrets, enabling attackers to modify code, access sensitive information, and create malicious releases or packages, thereby compromising the entire repository and its associated services.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the Actions runner, with potential to modify or push code to the repository, access repository secrets, and create malicious releases or packages. This could lead to a complete compromise of the repository and its associated services.

Reproduction

The vulnerability can be reproduced by using the Discord PR Notify workflow in a GitHub Actions environment. By crafting a pull request that includes unsanitized metadata, an attacker can inject commands using backticks, which are executed on the Actions runner. This exploitation takes advantage of the workflow's broad permissions and access to repository secrets.

Remediation

The vulnerable workflow has been deleted and all affected secrets have been rotated.