Class EnvPathInjectionFromCommandSink

Holds if a Run step executes a command that returns untrusted data which flows to GITHUB_ENV e.g. run: | COMMIT_MESSAGE=$(git log –format=%s) echo “${COMMIT_MESSAGE}” >> $GITHUB_PATH

Import path

import codeql.actions.security.EnvPathInjectionQuery

Direct supertypes

EnvPathInjectionSink

Indirect supertypes

Node
TNode

Inherited predicates

asExpr		from Node
getLocation		from Node
hasLocationInfo	Holds if this element is at the specified location. The location spans column `startcolumn` of line `startline` to column `endcolumn` of line `endline` in file `filepath`. For more information, see Locations.	from Node
toString	Gets a textual representation of this element.	from Node

Charpred

EnvPathInjectionFromCommandSink