microsoft
diff --git a/‎ql/lib/ext/8398a7_action-slack.model.yml
Lines changed: 6 additions & 0 deletions b/‎ql/lib/ext/8398a7_action-slack.model.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎ql/lib/ext/actions_github-script.model.yml
Lines changed: 1 addition & 1 deletion b/‎ql/lib/ext/actions_github-script.model.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎ql/lib/ext/akhileshns_heroku-deploy.model.yml
Lines changed: 15 additions & 0 deletions b/‎ql/lib/ext/akhileshns_heroku-deploy.model.yml
Lines changed: 15 additions & 0 deletions
diff --git a/‎ql/lib/ext/amannn_action-semantic-pull-request.model.yml
Lines changed: 6 additions & 0 deletions b/‎ql/lib/ext/amannn_action-semantic-pull-request.model.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎ql/lib/ext/anchore_sbom-action.model.yml
Lines changed: 10 additions & 0 deletions b/‎ql/lib/ext/anchore_sbom-action.model.yml
Lines changed: 10 additions & 0 deletions
diff --git a/‎ql/lib/ext/anchore_scan-action.model.yml
Lines changed: 6 additions & 0 deletions b/‎ql/lib/ext/anchore_scan-action.model.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎ql/lib/ext/andresz1_size-limit-action.model.yml
Lines changed: 9 additions & 0 deletions b/‎ql/lib/ext/andresz1_size-limit-action.model.yml
Lines changed: 9 additions & 0 deletions
diff --git a/‎ql/lib/ext/asdf-vm_actions.model.yml
Lines changed: 6 additions & 0 deletions b/‎ql/lib/ext/asdf-vm_actions.model.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎ql/lib/ext/axel-op_googlejavaformat-action.model.yml
Lines changed: 7 additions & 0 deletions b/‎ql/lib/ext/axel-op_googlejavaformat-action.model.yml
Lines changed: 7 additions & 0 deletions
diff --git a/‎ql/lib/ext/azure_powershell.model.yml
Lines changed: 6 additions & 0 deletions b/‎ql/lib/ext/azure_powershell.model.yml
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["8398a7/action-slack", "*", "input.custom_payload", "code-injection"]
@@ -3,4 +3,4 @@ extensions:
       pack: githubsecuritylab/actions-all
       extensible: sinkModel
     data:
-      - ["actions/github-script","*","input.script","expression-injection"]
+      - ["actions/github-script", "*", "input.script", "code-injection"]
@@ -4,3 +4,18 @@ extensions:
       extensible: summaryModel
     data:
       - ["akhileshns/heroku-deploy", "*", "input.branch", "output.status", "taint"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["akhileshns/heroku-deploy", "*", "input.heroku_app_name", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.buildpack", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.region", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.stack", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.team", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.docker_heroku_process_type", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.docker_build_args", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.branch", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.appdir", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.heroku_api_key", "command-injection"]
+      - ["akhileshns/heroku-deploy", "*", "input.heroku_email", "command-injection"]
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sourceModel
+    data:
+      - ["amannn/action-semantic-pull-request", "*", "output.error_message", "pull_request_target", "PR title"]
@@ -0,0 +1,10 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["anchore/sbom-action", "*", "input.syft-version", "command-injection"]
+      - ["anchore/sbom-action", "*", "input.format", "command-injection"]
+      - ["anchore/sbom-action", "*", "input.path", "command-injection"]
+      - ["anchore/sbom-action", "*", "input.file", "command-injection"]
+      - ["anchore/sbom-action", "*", "input.image", "command-injection"]
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["anchore/scan-action", "*", "input.grype-version", "command-injection"]
@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["andresz1/size-limit-action", "*", "input.package_manager", "command-injection"]
+      - ["andresz1/size-limit-action", "*", "input.build_script", "command-injection"]
+      - ["andresz1/size-limit-action", "*", "input.script", "command-injection"]
+      - ["andresz1/size-limit-action", "*", "input.clean_script", "command-injection"]
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["asdf-vm/actions", "*", "input.before_install", "command-injection"]
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["axel-op/googlejavaformat-action", "*", "input.commitMessage", "command-injection"]
+      - ["axel-op/googlejavaformat-action", "*", "input.commit-message", "command-injection"]
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sinkModel
+    data:
+      - ["azure/powershell", "*", "input.azPSVersion", "command-injection"]