Merge branch 'fix/security-scan-remediations' into 'main'

fix: remediate critical/high security scanner findings

See merge request proserve/genaiid/reusable-assets/fullstack-agentcore-solution-template!42

Author: kaleko

.github/workflows/ash-security-comment.yml

@@ -16,7 +16,7 @@ jobs:
     if: github.event.workflow_run.event == 'pull_request'
     steps:
       - name: Download artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
         with:
           name: ash-security-results
           path: /tmp/ash-results

.github/workflows/label.yml

@@ -2,6 +2,10 @@ name: Labeler
 
 on: [pull_request_target]
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   label:
     runs-on: ubuntu-latest

.github/workflows/repo-stats.yml

@@ -10,6 +10,9 @@ on:
         - cron: "0 11 * * *"
     workflow_dispatch: # Allow manual triggering from the Actions tab.
 
+permissions:
+    contents: write
+
 jobs:
     collect-stats:
         name: collect-repo-stats

docker/Dockerfile.frontend.dev

@@ -17,5 +17,9 @@ COPY . .
 # Expose port
 EXPOSE 3000
 
+# Healthcheck for container orchestration (dev server)
+HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
+  CMD wget -qO- http://localhost:3000/ || exit 1
+
 # Start development server (--host exposes to Docker network)
 CMD ["npm", "run", "dev", "--", "--host"]

docs/AGENTCORE_EVALUATIONS_GUIDE.md

@@ -481,7 +481,7 @@ Each log event contains a JSON object with OpenTelemetry-style attributes:
     "gen_ai.evaluation.score.label": "Very Helpful",
     "gen_ai.evaluation.explanation": "The response directly addresses the user's question with relevant and actionable information..."
   },
-  "traceId": "abc123def456",
+  "traceId": "abc123def456",  // pragma: allowlist secret (example placeholder, not a real secret)
   "spanId": "789ghi",
   "sessionId": "session-456",
   "timestamp": "2026-02-17T00:42:42.086Z"

frontend/package-lock.json

@@ -60,7 +60,7 @@ def send_response(
         headers={"Content-Type": "application/json"},
         method="PUT",
     )
-    urllib.request.urlopen(req)
+    urllib.request.urlopen(req)  # nosec B310 B113 — URL is the CloudFormation pre-signed ResponseURL, not user-controlled
 
 
 def download_wheels(requirements: list[str], download_dir: Path) -> None:

infra-cdk/lambdas/zip-packager/index.py

@@ -995,6 +995,7 @@ export class BackendStack extends cdk.NestedStack {
    */
   private readDirRecursive(dirPath: string, prefix: string, output: Record<string, string>): void {
     for (const entry of fs.readdirSync(dirPath, { withFileTypes: true })) {
+      // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal — dirPath is derived from __dirname-relative CDK build paths, not user input
       const fullPath = path.join(dirPath, entry.name)
       const relativePath = path.join(prefix, entry.name)
 

infra-cdk/lib/backend-stack.ts

@@ -47,6 +47,7 @@ export class ConfigManager {
   }
 
   private _loadConfig(configFile: string): AppConfig {
+    // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal — configFile is a hardcoded filename from the CDK app entry point, not user input
     const configPath = path.join(__dirname, "..", "..", configFile)
 
     if (!fs.existsSync(configPath)) {
@@ -112,6 +113,7 @@ export class ConfigManager {
     return this.config
   }
 
+  // nosemgrep: javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop — iterates over a trusted local YAML config object, not user-controlled input
   public get(key: string, defaultValue?: any): any {
     const keys = key.split(".")
     let value: any = this.config