From d7d6e4a6d766708f8a335c2bb8bd1c1631fa1c45 Mon Sep 17 00:00:00 2001
From: "hf-security-analysis[bot]" <265538906+hf-security-analysis[bot]@users.noreply.github.com>
Date: Sat, 13 Jun 2026 17:41:21 +0000
Subject: [PATCH] fix(security): remediate workflow vulnerability in .github/workflows/claude.yml

---
 .github/workflows/claude.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index 74ea6068..08ed8411 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -25,11 +25,23 @@ jobs:
 (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
 runs-on: ubuntu-latest
 steps:
+ - name: Check authorization
+ id: auth_check
+ run: |
+ ASSOCIATION="${{ github.event.comment.author_association || github.event.issue.author_association || github.event.review.author_association }}"
+ if [[ "$ASSOCIATION" != "MEMBER" && "$ASSOCIATION" != "OWNER" && "$ASSOCIATION" != "COLLABORATOR" ]]; then
+ echo "Unauthorized: Only members, owners, and collaborators can invoke Claude"
+ exit 1
+ fi
+ echo "Authorized: $ASSOCIATION"
+
 - uses: actions/checkout@v6
+ if: success()
 with:
 fetch-depth: 0
 - uses: anthropics/claude-code-action@v1.0.137
+ if: success()
 with:
 anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
 track_progress: true
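Review bot: The new `Check authorization` step expands a `${{ … }}` expression directly inside the `run:` script, which is the template-into-shell pattern that workflow hardening normally avoids. `author_association` is assigned by GitHub, so this looks low risk as written, but moving the expression to a step-level `env:` entry named `ASSOCIATION` and deleting the `ASSOCIATION="${{ … }}"` line keeps the script free of expression expansion while leaving the `[[ … ]]` test unchanged. The two added `if: success()` lines are no-ops, because a step already runs only when the earlier steps succeeded; the `exit 1` alone is what keeps checkout and the action from running. `MEMBER` and `COLLABORATOR` describe the author's relationship to the organisation or repository rather than write permission on it, so a comment such as `# gate is association-based, not a write-permission check` would record the accepted scope. The job and its `if:` condition start above this hunk, so whether the same test could sit in that condition (skipping the job instead of failing it) cannot be judged from here.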