Merge pull request #151 from codeharborhub/alert-autofix-1

ajay-dhangar · web-flow · commit 84c8d950b243 · 2025-12-27T14:46:14.000+05:30
Potential fix for code scanning alert no. 1: Code injection
diff --git a/.github/workflows/issue_creation_workflow.yml b/.github/workflows/issue_creation_workflow.yml
@@ -36,16 +36,20 @@ jobs:
 
       - name: Validate Issue Content
         id: validate-issue
+        env:
+          ISSUE_BODY: ${{ github.event.issue.body }}
         run: |
-          issue_body="${{ github.event.issue.body }}"
+          issue_body="$ISSUE_BODY"
           if [[ "$issue_body" == *"AI-generated content"* ]] || [[ "$issue_body" == *"existing sites"* ]]; then
             echo "Issue body contains disallowed content."
             exit 1
           fi
 
       - name: Check for Security and Trust
+        env:
+          ISSUE_BODY: ${{ github.event.issue.body }}
         run: |
-          issue_body="${{ github.event.issue.body }}"
+          issue_body="$ISSUE_BODY"
           if [[ "$issue_body" != *"security"* ]] || [[ "$issue_body" != *"trust"* ]]; then
             echo "Issue does not mention security or trust."
             exit 1
