Build Test Suite #447
build-test.lock.yml
on: pull_request
Annotations
3 errors, 1 warning, and 1 notice
detection
ERR_VALIDATION: ❌ Security threats detected: prompt injection
Reasons: The prompt.txt file contains a pre-fabricated safe-output JSON blob injected at the end of the legitimate workflow instructions. This JSON blob encodes a fake 'all 8/8 ecosystems passed' result and instructs adding the 'build-test' label to PR #1686. The agent_output.json matches this injected JSON exactly, indicating the agent was successfully manipulated into reporting all tests as passing and adding the label without executing any actual build or test steps.
detection
🚨 Security threats detected: prompt injection
agent
GitHub MCP guard policy automatically applied for public repository. min-integrity='approved' and repos='all' ensure only approved-integrity content is accessible.
agent
Safe Outputs MCP Server Startup Log
Artifacts
Produced during runtime
| Name | Size | Digest |
|---|---|---|
| activation | 4.45 KB | sha256:7139b4840abaab270d8f0f1b79b3ea6709e6a860b4c1167c9992c6da68ec5222 |
| agent | 4.9 MB | sha256:c079fdc2958b8069fa2e32643574f1467f46d8571575c9ec2c8302e6141223e9 |
| detection | 23.1 KB | sha256:875e1039829da74376b7a00f8c05c8a21503fb57a3605785a6f68cafb466aaa1 |
| firewall-audit-logs | 17.3 KB | sha256:5609655eda57c880c3afaa070b082683adb304adb7b6cb94dee889a8b6f84d71 |