Add git credentials cleanup and regeneration for agent execution

[Copilot]

Prevents agents from accessing git credentials during execution while preserving safe-outputs functionality by cleaning credentials before agent execution and regenerating them afterwards.

Implementation

Cleanup Script (actions/setup/sh/clean_git_credentials.sh):

• Removes [credential] sections and URL-specific credential configs
• Strips http.extraheader (used by actions/checkout)
• Cleans embedded credentials from remote URLs (https://user:pass@host → https://host)
• Preserves the origin remote (does NOT remove it)
• Validates config integrity after cleaning
• Does NOT create backups

Compiler Integration (pkg/workflow/compiler_yaml_main_job.go):

• Cleanup step injected immediately before generateEngineExecutionSteps()
• Regenerates git configuration step after agent execution (calls generateGitConfigurationSteps() again)
• Applied to all engine types (Copilot, Claude, Codex, Custom)

Helper Function (pkg/workflow/yaml_generation.go):

func (c *Compiler) generateGitCredentialsCleanerStep() []string {
    return []string{
        "      - name: Clean git credentials\n",
        "        run: bash /opt/gh-aw/actions/clean_git_credentials.sh\n",
    }
}

Workflow Flow

1. Configure Git credentials - initial setup with ${{ github.token }}
2. Clean git credentials - removes credentials before agent execution
3. Agent executes - no access to credentials
4. Configure Git credentials - regenerated after agent execution (same step, fresh credentials)
5. Safe-outputs operations work normally with regenerated credentials

This approach protects credentials from the agent while preserving functionality for safe-outputs operations like create_pull_request and push_to_pull_request_branch that depend on git fetch origin and generate_git_patch.cjs.

All 148 workflows recompiled with cleanup and regeneration steps positioned correctly.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

---

Changeset

• Type: patch
• Description: Add a git credentials cleanup step before every agent run to prevent leaked credentials from previous steps from being used.

Generated by Changeset Generator

---

Changeset

• Type: patch
• Description: Clean git credentials before each agent run to prevent leaked credentials from earlier steps.

Generated by Changeset Generator

[pelikhan]

@copilot run git remote remove origin

[Copilot]

@copilot run git remote remove origin

Added git remote remove origin to completely remove the origin remote after cleaning credentials. (ec193a3)

[github-actions]

🔍 PR Triage Results

Category: chore | Risk: high | Priority: 29/100

Scores Breakdown

• Impact: 18/50 - Large workflow update (100 files) with security implications
• Urgency: 5/30 - Recent PR (0.4 hours old), low immediate urgency
• Quality: 6/20 - CI pending, draft status, minimal description

📋 Recommended Action: DEFER

⚠️ High Risk + Low Priority: While this PR addresses credential security (cleanup before agent execution), the large scope (100 files, 200 lines) combined with minimal description and draft status suggests it needs more development time.

Concerns:

• High-risk security change affecting 100 workflows
• Minimal description doesn't explain implementation details
• No test coverage mentioned
• Draft status indicates work in progress

Recommendation: Defer until:

1. PR is marked ready for review (non-draft)
2. Description expanded with implementation details and security rationale
3. Test coverage added to verify credentials are properly cleaned
4. Security review completed

Next Steps:

1. Author should provide detailed description of cleanup mechanism
2. Add tests demonstrating credential cleanup works correctly
3. Document why this change is needed and what attack vector it prevents
4. Request security team review before merge

---

Triaged by PR Triage Agent on 2026-02-10 00:45 UTC

AI generated by PR Triage Agent

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

✅ Changeset Generator completed successfully!

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

🧪 Smoke Project is now testing project operations...

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

Agent Container Tool Check

Tool	Status	Version
bash	✅	5.2.21
sh	✅	POSIX shell available
git	✅	2.52.0
jq	✅	1.7
yq	✅	v4.52.2
curl	✅	8.5.0
gh	✅	2.86.0
node	✅	v20.20.0
python3	✅	3.12.3
go	✅	1.24.12
java	⚠️	Binary present but execution issue
dotnet	⚠️	Binary present but execution issue

Result: 10/12 tools fully functional, 2/12 with execution issues ⚠️

Notes:

• Core development tools (bash, git, node, python, go) all working ✅
• Essential utilities (jq, yq, curl, gh) all working ✅
• Java and .NET binaries are present in /usr/lib/jvm/ and /usr/share/dotnet/ but show unexpected behavior when called via symlinks (executing bash instead)
• This may be a PATH or container configuration issue that needs investigation

AI generated by Agent Container Smoke Test

[github-actions]

✅ Smoke Project completed successfully. All project operations validated.

[github-actions]

PR titles: Apply strict matching to slash commands (startsWith + exact equality); Fix API key masking timing vulnerability in MCP setup generation
GitHub MCP: ✅
Serena MCP (activate + find_symbol>=3): ✅
Playwright (title contains "GitHub"): ✅
File write: ✅
Bash cat verify: ✅
Build (make build): ✅
Overall: PASS

AI generated by Smoke Codex

[github-actions]

Smoke Test Results: ✅ PASS

Last 2 Merged PRs:

• Apply strict matching to slash commands (startsWith + exact equality) #14702: Apply strict matching to slash commands
• Fix API key masking timing vulnerability in MCP setup generation #14701: Fix API key masking timing vulnerability

Tests: ✅ GitHub MCP | ✅ Safe Inputs GH CLI | ✅ Serena MCP | ✅ Playwright | ✅ File Writing | ✅ Bash | ✅ Discussion Comment | ✅ Build | ✅ Workflow Dispatch

Overall: All 9 tests passed

@pelikhan @Copilot

AI generated by Smoke Copilot

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤