Edge Schema
- Source: GH_Repository, GH_Environment
- Destination: GH_OrgSecret, GH_RepoSecret, GH_EnvironmentSecret
- Traversable: ✅
General Information
The traversable GH_HasSecret edge represents the relationship between a repository or environment and the secrets accessible within that context. Created byGit-HoundOrganizationSecret, Git-HoundSecret, and Git-HoundEnvironment, this edge shows which secrets are available in which scopes. Repositories can have access to both organization-level secrets (scoped to selected repositories) and repository-level secrets, while environments contain their own environment-scoped secrets. This edge is traversable because any principal that can push code to a repository (via GH_CanWriteBranch or GH_CanCreateBranch) can write a workflow that exfiltrates the secret values at runtime, making this a meaningful link in attack path analysis.