GH_WriteOrganizationActionsSecrets

Edge Schema

Source: GH_OrgRole
Destination: GH_Organization
Traversable: ❌

General Information

The non-traversable GH_WriteOrganizationActionsSecrets edge represents that a role can write organization-level GitHub Actions secrets. This edge is dynamically generated from custom organization role permissions discovered by the collector. Organization-level secrets are available to workflows across multiple repositories and often contain credentials for external systems such as cloud providers, package registries, and deployment targets. An attacker with this permission could overwrite existing secrets to inject malicious credentials or create new secrets to facilitate lateral movement.

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

GH_WriteOrganizationActionsSecrets

Edge Schema

General Information

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

​Edge Schema

​General Information

Edge Schema

General Information