[oblt-aw][security] SEC-010 — findings (2026-05-05)

## Security findings (SEC-010)

**Analysis date:** 2026-05-05
**Occurrences:** 1

### Details

1. **`.github/workflows/oblt-aw-ingress.yml`** — line **209** — **high** — zizmor [template-injection]: code injection via template expansion (https://docs.zizmor.sh/audits/#template-injection)

---
*Generated by oblt-aw security detector. Rules: [security-scanning-ruleset](https://github.com/elastic/oblt-aw/blob/main/docs/workflows/security-scanning-ruleset.md) (SEC-001–SEC-044, aligned with [observability-robots#3758](https://github.com/elastic/observability-robots/issues/3758)).*


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[oblt-aw][security] SEC-010 — findings (2026-05-05) #788

Security findings (SEC-010)

Details

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[oblt-aw][security] SEC-010 — findings (2026-05-05) #788

Description

Security findings (SEC-010)

Details

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions