A spoofed CI notification claims that a new privileged build step has been "injected" into the repo's .github/workflows/ directory or GCB pipeline YAML. The "Approve the injected step" CTA leads the developer to merge a malicious workflow job that exfiltrates GITHUB_TOKEN / cloud credentials. Real GitHub Actions / GCB pipeline-change notifications arrive from canonical CI senders, never from unknown domains demanding out-of-band approval for an "injected" build step. Matching condition: the sender is not on the CI-publisher canonical allowlist (github.com, circleci.com, google.com, etc.). Source: Red-Team R8 multi-agent council C4 (supply-chain specialist).
cloud-build-step-injection
What this tier means
Warning signal — bulk / marketing / mild spam. Contributes to the trash score but is not by itself sufficient.
How Gorganizer detects this
A spoofed CI notification claims that a new privileged build step has been "injected" into the repo's .github/workflows/ directory or GCB pipeline YAML. The "Approve the injected step" CTA leads the developer to merge a malicious workflow job that exfiltrates GITHUB_TOKEN or cloud credentials. Real GitHub Actions / GCB pipeline-change notifications arrive from canonical CI senders (github.com, google.com, circleci.com), never from unknown domains demanding out-of-band approval for an "injected" build step. Supply-chain attack vector: merged malicious workflow step → GITHUB_TOKEN / cloud creds exfiltrated via the CI environment. Matching condition: the sender is not on the CI-publisher canonical allowlist. Source: Red-Team R8 multi-agent council C4 (supply-chain specialist).
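A sketch of the check described above, as an added example that is not Gorganizer's own code. The regular expressions, function names and sample messages are assumptions; the allowlist holds only the three domains the page names.

```python
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr

# Domains named on the page; the real allowlist is longer ("etc.").
CI_SENDER_DOMAINS = {"github.com", "circleci.com", "google.com"}

# Assumed phrasings for the lure, not Gorganizer's actual patterns.
CI_CONTEXT = re.compile(r"\.github/workflows|pipeline|build step", re.I)
INJECTED = re.compile(r"\binjected\b", re.I)
APPROVE_CTA = re.compile(r"\bapprove\b.{0,40}\bstep\b", re.I | re.S)

def sender_domain(msg):
    addr = parseaddr(str(msg.get("From", "")))[1]
    return addr.rpartition("@")[2].lower().rstrip(".")

def on_allowlist(domain):
    # Exact match or a true subdomain. A suffix test without the leading dot
    # would accept "notgithub.com"; a substring test would accept
    # "github.com.build-notify.example".
    return any(domain == d or domain.endswith("." + d) for d in CI_SENDER_DOMAINS)

def cloud_build_step_injection(raw):
    """True when a CI-themed 'approve the injected step' lure comes from a
    sender outside the allowlist. The From header alone is forgeable, so a
    production check would also weigh SPF/DKIM/DMARC results."""
    msg = message_from_string(raw, policy=default)
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part is not None else ""
    lure = all(p.search(text) for p in (CI_CONTEXT, INJECTED, APPROVE_CTA))
    return lure and not on_allowlist(sender_domain(msg))

# Constructed sample messages (not real mail).
BODY = ("A new privileged build step has been injected into "
        ".github/workflows/deploy.yml.\n"
        "Approve the injected step: https://build-notify.example/approve\n")

def sample(sender):
    return f"From: {sender}\nSubject: Pipeline change pending\n\n{BODY}"

SPOOFED = sample("CI Alerts <ci-alerts@build-notify.example>")
LOOKALIKE = sample("GitHub <noreply@github.com.build-notify.example>")
GENUINE = sample("GitHub <notifications@github.com>")

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("lookalike", LOOKALIKE), ("genuine", GENUINE)):
        print(name, cloud_build_step_injection(raw))
```

As on the page, a match here is one warning-tier input to a larger score, not a verdict.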
False-positive guard
Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a warning-tier signal — bulk / marketing / mild spam. It contributes to the trash score but never triggers deletion on its own. Gorganizer requires multiple signals + a margin over the safety floor before any email is moved to trash.
About the scoring engine
Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.
Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.