fix(security): autofix Template Injection in GitHub Workflows Action (#14228)

aikido-autofix[bot] · web-flow · commit 80844bbba137 · 2025-11-04T17:07:14.000+01:00
Co-authored-by: aikido-autofix[bot] &lt;119856028+aikido-autofix[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/on-pr-closed.yml b/.github/workflows/on-pr-closed.yml
@@ -25,12 +25,16 @@ jobs:
       issue_number: ${{ steps.get_issue_number.outputs.ticketNumber }}
     steps:
       - name: echo PR data
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          PR_BODY: ${{ github.event.pull_request.body }}
         run: |
-          echo "PR Number: ${{ github.event.pull_request.number }}"
-          echo "PR URL: ${{ github.event.pull_request.html_url }}"
+          echo "PR Number: $PR_NUMBER"
+          echo "PR URL: $PR_URL"
           cat <<EOF
           PR Body:
-          ${{ github.event.pull_request.body }}
+          $PR_BODY
           EOF
       - name: Determine issue number
         id: get_issue_number
