
GitHub Actions: Security Hardening Against Pull-Request-Target Abuse Starting in Version 7

In a nutshell: actions/checkout v7 fails workflows that use pull_request_target or workflow_run with unverified fork code — a step toward a "Security by Default" philosophy.

GitHub is tightening the security of actions/checkout effective immediately, automatically blocking and failing insecure workflows that abuse the pull_request_target trigger to execute attacker code with full workflow privileges.

On June 18, 2024, GitHub announced actions/checkout version 7, which automatically blocks and fails workflows that attempt to fetch unverified fork code within pull_request_target or workflow_run events. This attack variant is referred to as a “pwn request” in the security community. It exploits the fact that a pull_request_target workflow runs in the context of the base repository, and therefore has full access to that repository's secrets such as API keys, service tokens, and credentials.

The problem with pull_request_target is its misuse: the trigger itself is legitimate and securely designed. It was developed to enable automations that would normally be blocked by pull_request restrictions. However, attackers have learned that a misconfigured pull_request_target combined with insecure use of actions/checkout provides a pathway into repositories and their secrets. By checking out unverified fork code, attacker-controlled scripts gain full workflow privileges.

The default hardening in v7 can only be overridden through explicit configuration — by setting allow-unsafe-pr-checkout. On July 16, this security measure will be backported to all supported major versions. Workflows with floating major tags like actions/checkout@v4 will receive the update automatically; workflows pinned to specific SHAs, minor or patch versions must be manually updated.
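The misconfiguration described above, beside a layout that keeps fork code away from secrets, as an added illustration that is not from the article, from GitHub, or from the actions/checkout project itself. Workflow names, the script path and the secret names are hypothetical; it assumes checkout's standard ref input and the allow-unsafe-pr-checkout input named above.

```yaml
# Added illustration, not from the article or from actions/checkout's docs.
# File 1 (hypothetical): the "pwn request" pattern that v7 now refuses.
name: pr-test-unsafe
on:
  pull_request_target:            # runs in the base repo, secrets are available
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v7
        with:
          # Checks out the fork's head commit: code controlled by the PR
          # author now runs with this job's secrets. v7 fails this step
          # unless allow-unsafe-pr-checkout is set explicitly in `with:`.
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm test   # package.json scripts come from the fork
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}   # hypothetical secret, now exposed
---
# File 2 (hypothetical): the same test, but under pull_request. Fork PRs
# get only a read-only GITHUB_TOKEN here and no repository secrets, so
# running untrusted code in this job has nothing to steal.
name: pr-test-safe
on:
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v7   # default ref: the PR merge commit
      - run: npm ci && npm test
---
# File 3 (hypothetical): the privileged part stays on pull_request_target
# but checks out the base branch only (the default ref for this event),
# so the script that touches secrets is always trusted repository code.
name: pr-label-safe
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v7   # default ref: base branch, trusted code only
      - run: ./scripts/label-pr.sh  # hypothetical script from the base branch
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

The three documents are separate workflow files in practice; they are shown together here only to place the unsafe and safe layouts side by side.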

The announcement marks the beginning of a “Secure by Default” era, in which GitHub defines security system-wide rather than leaving it to developers’ discretion. GitHub suggests that further hardening for additional events may follow in future versions. Recently, the TeamPCP hackers attacked open-source repositories using pwn request exploits, including 170 npm packages such as the TanStack Router Ecosystem. The timing of the hardening is thus unsurprising — however, the vulnerability had been known for years.


Source: www.csoonline.com · Published June 23, 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.
