Skip to content
Latchkey

GitHub Actions pull_request_target checking out untrusted code

pull_request_target runs with the base repo's secrets and a writable token. Checking out the PR head ref then executes untrusted fork code with those privileges - a serious security hole.

What this error means

A pull_request_target workflow checks out the PR head and runs build/test steps, meaning fork-controlled code runs with access to repository secrets.

github-actions
on: pull_request_target
jobs:
  build:
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # runs untrusted code with secrets

Common causes

Checking out PR head under pull_request_target

The workflow uses pull_request_target (privileged) but checks out fork-controlled head code and executes it.

Running build steps on untrusted input

Untrusted scripts/dependencies from the PR run with secrets and a write token.

How to fix it

Do not execute untrusted code with secrets

  1. Use pull_request (not _target) to build/test fork code without secrets.
  2. If you must use pull_request_target, do not check out or run head code; only label/comment.
  3. Gate any privileged step behind a trusted-author / approval check.
.github/workflows/ci.yml
on: pull_request   # untrusted build runs with a read-only token, no secrets
jobs:
  test:
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test

How to prevent it

  • Never run untrusted fork code under pull_request_target.
  • Keep secrets out of fork-triggered build/test.
  • Separate privileged write-back from untrusted execution.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →