How to Restrict Who Can Run Slash Commands in GitHub Actions
A chat command must never run before you confirm the author has the required repository permission, because anyone can post a comment.
Call repos.getCollaboratorPermissionLevel for the commenter and fail the run unless the permission is write or admin. This is the single most important control for chat-triggered deploys.
Steps
- Look up the commenter with
getCollaboratorPermissionLevel. - Allow only
adminorwrite(or a stricter allowlist). - Fail the job with a clear message when the check fails.
- Keep this step first, before any side effect.
Authorization step
.github/workflows/ci.yml
- uses: actions/github-script@v7
with:
script: |
const actor = context.payload.comment.user.login
const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
owner: context.repo.owner,
repo: context.repo.repo,
username: actor
})
const allowed = ['admin', 'write']
if (!allowed.includes(data.permission)) {
core.setFailed(`${actor} lacks permission to run this command`)
}Gotchas
- Team membership does not always map to repository permission; the API returns the effective level.
- For high-risk commands, keep an explicit login allowlist in addition to the permission floor.
- Fork contributors have read access at most, so this check blocks untrusted deploys.
Related guides
How to Verify a Command Author Is a Maintainer in GitHub ActionsVerify a chat command author is a maintainer in GitHub Actions by checking team membership or an explicit all…
How to Trigger a Deploy From a PR Comment in GitHub ActionsTrigger a deploy from a /deploy pull request comment in GitHub Actions using the issue_comment event, parsing…