dustin 33fbb80626
docs: warn that allowed_bots can expose the action to external triggers (#1039)
allowed_bots does not verify that a matching bot is installed on the
repository or has write access. On a public repo, external GitHub Apps
may be able to trigger workflow events (issues, comments, PR reviews).
If the workflow listens on those events and allowed_bots is '*', an
external App can invoke this action with a prompt it controls.

Default config (allowed_bots: "") is unaffected.

- docs/security.md: add warning and mitigation guidance
- docs/usage.md: add inline warning to the allowed_bots input row
- action.yml: add warning to the allowed_bots input description

🏠 Remote-Dev: homespace
2026-03-09 13:04:11 -07:00
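To make the exposure described in the commit message concrete, here is an added workflow example (not part of this commit or the project's own docs) showing the weak `allowed_bots: "*"` setting beside the unaffected default. The action reference `OWNER/ACTION@v1`, the workflow name and the job layout are placeholders; only the `allowed_bots` input, its `""` default and the event names (issues, comments, PR reviews) come from the commit message.

```yaml
# Added example, not from the commit. OWNER/ACTION@v1 is a placeholder.
name: respond-to-issue-events
on:
  issues:
    types: [opened]
  issue_comment:
    types: [created]
  pull_request_review:
    types: [submitted]

jobs:
  weak-config:
    runs-on: ubuntu-latest
    steps:
      # Exposed on a public repo: '*' accepts any bot account, and the input
      # does not check that the bot is installed on this repository or has
      # write access, so an external GitHub App that can raise one of the
      # events above reaches the action with a prompt it controls.
      - uses: OWNER/ACTION@v1
        with:
          allowed_bots: "*"

  default-config:
    runs-on: ubuntu-latest
    steps:
      # Unaffected: the default "" admits no bot accounts at all, so an event
      # raised by an external App does not invoke the action. Listing specific
      # bot names is narrower than '*' but is still not verified against the
      # repository's installed Apps or their permissions.
      - uses: OWNER/ACTION@v1
        with:
          allowed_bots: ""
```

The two jobs differ only in the `allowed_bots` value; on a private repository the distinction matters less, since the commit message scopes the external-trigger risk to public repositories where outside Apps can produce these events.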