From 410cb834378f1a77d33eae80d0357a1591459c98 Mon Sep 17 00:00:00 2001
From: kitsuyui
Date: Tue, 26 May 2026 21:21:02 +0900
Subject: [PATCH] Validate boilerplates ref before writing outputs
---
 .github/workflows/main.yml | 34 +++++++++++++++++++++++++++++
 action.yml | 8 +------
 scripts/capture-boilerplates-ref.sh | 15 +++++++++++++
 3 files changed, 50 insertions(+), 7 deletions(-)
 create mode 100755 scripts/capture-boilerplates-ref.sh
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index f2b2294..1e6af69 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -35,6 +35,40 @@ jobs:
 with:
 scandir: ./scripts
+ output-safety:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
+ - name: boilerplates ref output accepts commit hashes
+ run: |
+ tmpdir=$(mktemp -d)
+ trap 'rm -rf "${tmpdir}"' EXIT
+ mkdir -p "${tmpdir}/bin" "${tmpdir}/boilerplates/.git"
+ cat >"${tmpdir}/bin/git" <<'SH'
+ #!/usr/bin/env sh
+ printf '0123456789abcdef0123456789abcdef01234567\n'
+ SH
+ chmod +x "${tmpdir}/bin/git"
+ PATH="${tmpdir}/bin:${PATH}" GITHUB_OUTPUT="${tmpdir}/output.txt" \
+ scripts/capture-boilerplates-ref.sh "${tmpdir}/boilerplates"
+ grep '^boilerplates-ref=0123456789abcdef0123456789abcdef01234567$' "${tmpdir}/output.txt"
+
+ - name: malformed boilerplates ref cannot inject outputs
+ run: |
+ tmpdir=$(mktemp -d)
+ trap 'rm -rf "${tmpdir}"' EXIT
+ mkdir -p "${tmpdir}/bin" "${tmpdir}/boilerplates/.git"
+ cat >"${tmpdir}/bin/git" <<'SH'
+ #!/usr/bin/env sh
+ printf '0123456789abcdef0123456789abcdef01234567\ninjected=true\n'
+ SH
+ chmod +x "${tmpdir}/bin/git"
+ PATH="${tmpdir}/bin:${PATH}" GITHUB_OUTPUT="${tmpdir}/output.txt" \
+ scripts/capture-boilerplates-ref.sh "${tmpdir}/boilerplates"
+ grep '^boilerplates-ref=$' "${tmpdir}/output.txt"
+ ! grep '^injected=true$' "${tmpdir}/output.txt"
+
 diff-detection:
 runs-on: ${{ matrix.os }}
 strategy:
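Review bot: The negative assertion `! grep '^injected=true$' "${tmpdir}/output.txt"` in the malformed-ref step only proves that one specific attacker line is absent, which is weaker than the step's title claims; asserting that the output file holds exactly the one expected line closes that gap, e.g. replace the two greps with `printf 'boilerplates-ref=\n' | cmp - "${tmpdir}/output.txt"`. The stubbed `git` also never exercises the failure path: the script runs under `set -e`, so a non-zero `rev-parse` aborts before any `boilerplates-ref=` line is written, and nothing here pins that outcome or the no-`.git` branch that yields an empty value. Both steps depend on the runner's default `bash -e` step shell for a failing grep to fail the job, which I believe holds for `run:` on ubuntu-latest but is worth an explicit `shell: bash` if the job is ever copied elsewhere.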
diff --git a/action.yml b/action.yml
index b092214..ccd2993 100644
--- a/action.yml
+++ b/action.yml
@@ -131,13 +131,7 @@ runs:
 - name: capture boilerplates ref
 id: boilerplates_ref
 run: |
- boilerplates_dir="${HOME}/.gitignore-boilerplates"
- if [ -d "${boilerplates_dir}/.git" ]; then
- ref=$(git -C "${boilerplates_dir}" rev-parse --verify HEAD)
- else
- ref=""
- fi
- echo "boilerplates-ref=${ref}" >> "${GITHUB_OUTPUT}"
+ "${GITHUB_ACTION_PATH}/scripts/capture-boilerplates-ref.sh"
 shell: bash
 - name: check .gitignore
diff --git a/scripts/capture-boilerplates-ref.sh b/scripts/capture-boilerplates-ref.sh
new file mode 100755
index 0000000..f41caed
--- /dev/null
+++ b/scripts/capture-boilerplates-ref.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+boilerplates_dir="${1:-${HOME}/.gitignore-boilerplates}"
+ref=""
+
+if [ -d "${boilerplates_dir}/.git" ]; then
+ ref="$(git -C "${boilerplates_dir}" rev-parse --verify HEAD)"
+ if ! [[ "${ref}" =~ ^([0-9a-f]{40}|[0-9a-f]{64})$ ]]; then
+ echo "Unexpected boilerplates HEAD ref; leaving boilerplates-ref empty" >&2
+ ref=""
+ fi
+fi
+
+printf 'boilerplates-ref=%s\n' "${ref}" >>"${GITHUB_OUTPUT:-/dev/stdout}"
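Review bot: The replacement line executes the script directly, so the step now depends on the `100755` mode bit surviving and on the shebang resolving `bash` through PATH, neither of which the inline code needed; since the step already declares `shell: bash`, writing it as `bash "${GITHUB_ACTION_PATH}/scripts/capture-boilerplates-ref.sh"` gives the same behaviour without that dependency, which I would expect to matter if the action is ever run on a Windows runner (the diff does not show which runners it targets). One behavioural difference the commit message does not mention: the script enables `set -u`, so an unset `HOME` now fails the step instead of silently probing `/.gitignore-boilerplates` as the removed lines did — an improvement, but worth stating. The `steps:` list this step belongs to starts and ends outside the hunk.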
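Review bot: The regex `^([0-9a-f]{40}|[0-9a-f]{64})$` is the only barrier between whatever `git` prints and `$GITHUB_OUTPUT`, yet `[[ =~ ]]` compiles it under the runner's locale, where on older libc builds a bracket range such as `[a-f]` can collate in characters outside ASCII `a`–`f`; adding `export LC_ALL=C` directly after `set -euo pipefail` pins the ASCII reading at the cost of one line. Note also that a failing `git rev-parse` (empty or corrupt checkout) trips `set -e` before the final `printf`, so the step fails with no `boilerplates-ref=` line at all rather than taking the "leave it empty" path — acceptable, but it should be a deliberate choice. The file has no header comment; one along the lines of `# Emit boilerplates-ref=<sha> to $GITHUB_OUTPUT (stdout if unset); empty unless $1 (default ~/.gitignore-boilerplates) is a git checkout whose HEAD is a full lowercase SHA-1/SHA-256.` would document the contract the new workflow tests rely on.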