How to Prevent Secret Leaks on Fork Pull Requests in GitHub Actions
Fork PRs on the pull_request event get a read-only token and no secrets; the danger is pull_request_target, which has secrets and must never run fork code.
Run build and test for forks on pull_request (no secrets). Reserve pull_request_target for trusted, code-free automation and always check out the base ref there.
Steps
- Keep untrusted build/test on the
pull_requestevent. - Use
pull_request_targetonly for trusted tasks like labeling. - In a privileged context, never check out and execute the PR head.
Workflow
.github/workflows/ci.yml
name: pr
on:
pull_request: # forks: read-only token, no secrets
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: npm ci && npm test # safe: no secrets hereGotchas
pull_request_targetruns in the base context with full secrets; checking out and running fork code there is the classic exploit.- If you must build fork code with secrets, gate it behind an environment that requires manual approval.
Related guides
How to Prevent Script Injection From Untrusted Input in GitHub ActionsStop GitHub Actions script injection by never interpolating untrusted github context directly into a run bloc…
How to Gate Deploys With Environment Protection Rules in GitHub ActionsProtect production in GitHub Actions with an environment that has required reviewers, a wait timer, and a dep…