Ruff GitHub Actions Workflow Exposes Write Token to Fork Pull Requests — Code Execution Risk

A GitHub Actions workflow in the Ruff repository contains a security flaw that allows any user with fork pull request access to execute arbitrary code inside a runner holding a write-scoped `GITHUB_TOKEN`. The vulnerability, classified under CWE-77 (Improper Neutralization of Special Elements used in a Command), resides in the `.github/workflows/ruff.yml` file and triggers on `pull_request` events from forked repositories. The flaw grants `permissions: contents: write` at the workflow level, exposing push access to `main`, release tagging capabilities, and workflow modification permissions to an untrusted actor.

The issue stems from a pattern sometimes called a "pwn request": the workflow checks out `repository: ${{ github.event.pull_request.head.repo.full_name }}` using `token: ${{ secrets.GITHUB_TOKEN }}`. This means the attacker's fork code gets pulled into a runner that carries write access, and then `uv sync` runs against it. An attacker can weaponize this by injecting malicious commands into the fork's `pyproject.toml` or build configuration files, causing arbitrary execution during dependency installation.

The exposure carries serious implications. An adversary who submits a fork pull request can achieve code execution within a privileged workflow context, directly compromising the repository and any secrets available to the workflow. The attack surface includes maintainers and contributors who merge or review pull requests, as well as any organization replicating similar CI/CD configurations in public repositories. The recommended remediation path involves switching to `pull_request_target` with explicit permission scoping, adopting `merge_group` events, or implementing sandboxed execution for untrusted code.