Skip to content
Latchkey

How to Restrict Who Can Run Slash Commands in GitHub Actions

A chat command must never run before you confirm the author has the required repository permission, because anyone can post a comment.

Call repos.getCollaboratorPermissionLevel for the commenter and fail the run unless the permission is write or admin. This is the single most important control for chat-triggered deploys.

Steps

  • Look up the commenter with getCollaboratorPermissionLevel.
  • Allow only admin or write (or a stricter allowlist).
  • Fail the job with a clear message when the check fails.
  • Keep this step first, before any side effect.

Authorization step

.github/workflows/ci.yml
- uses: actions/github-script@v7
  with:
    script: |
      const actor = context.payload.comment.user.login
      const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
        owner: context.repo.owner,
        repo: context.repo.repo,
        username: actor
      })
      const allowed = ['admin', 'write']
      if (!allowed.includes(data.permission)) {
        core.setFailed(`${actor} lacks permission to run this command`)
      }

Gotchas

  • Team membership does not always map to repository permission; the API returns the effective level.
  • For high-risk commands, keep an explicit login allowlist in addition to the permission floor.
  • Fork contributors have read access at most, so this check blocks untrusted deploys.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →