diff --git a/queries/default-setup-environment-variables.ql b/queries/default-setup-environment-variables.ql
new file mode 100644
index 000000000..43874c97c
--- /dev/null
+++ b/queries/default-setup-environment-variables.ql
@@ -0,0 +1,50 @@
+/**
+ * @name Some environment variables may not exist in default setup workflows
+ * @id javascript/codeql-action/default-setup-env-vars
+ * @kind problem
+ * @severity error
+ */
+
+import javascript
+
+bindingset[envVar]
+predicate isSafeForDefaultSetup(string envVar) {
+// Ignore internal Code Scanning environment variables
+envVar.matches("CODE_SCANNING_%") or
+envVar.matches("CODEQL_%") or
+envVar.matches("CODESCANNING_%") or
+envVar.matches("LGTM_%") or
+// The following environment variables are known to be safe for use with default setup
+envVar =
+[
+"GITHUB_ACTION_REF", "GITHUB_ACTION_REPOSITORY", "GITHUB_ACTOR", "GITHUB_API_URL",
+"GITHUB_BASE_REF", "GITHUB_EVENT_NAME", "GITHUB_JOB", "GITHUB_RUN_ATTEMPT", "GITHUB_RUN_ID",
+"GITHUB_SHA", "GITHUB_REPOSITORY", "GITHUB_SERVER_URL", "GITHUB_TOKEN", "GITHUB_WORKFLOW",
+"GITHUB_WORKSPACE", "GOFLAGS", "JAVA_TOOL_OPTIONS", "RUNNER_ARCH", "RUNNER_NAME", "RUNNER_OS",
+"RUNNER_TEMP", "RUNNER_TOOL_CACHE"
+]
+}
+
+predicate envVarRead(DataFlow::Node node, string envVar) {
+node =
+any(DataFlow::PropRead read |
+read = NodeJSLib::process().getAPropertyRead("env").getAPropertyRead() and
+envVar = read.getPropertyName()
+) or
+node =
+any(DataFlow::CallNode call |
+call.getCalleeName().matches("get%EnvParam") and
+envVar = call.getArgument(0).getStringValue()
+)
+}
+
+from DataFlow::Node read, string envVar
+where
+envVarRead(read, envVar) and
+not isSafeForDefaultSetup(envVar)
+select read,
+"The environment variable " + envVar +
+" may not exist in default setup workflows. If all uses are safe, add it to the list of " +
+"environment variables that are known to be safe in " +
+"'queries/default-setup-environment-variables.ql'. If this use is safe but others are not, " +
+"dismiss this alert as a false positive."
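Review bot: The prefix allow-list in `isSafeForDefaultSetup` is looser than it looks, because in QL's `string.matches` the `_` character is a single-character wildcard (like SQL `LIKE`), so `"CODEQL_%"` also accepts names such as `CODEQLXFOO` and `"LGTM_%"` accepts `LGTMXBAR`; the same applies to `"CODE_SCANNING_%"` and `"CODESCANNING_%"`. Since this predicate is the gate that suppresses alerts, an over-broad match silently hides reads of variables the query was meant to flag; replacing the four `matches` lines with a regex in which `_` is literal, `envVar.regexpMatch("(CODE_SCANNING|CODEQL|CODESCANNING|LGTM)_.*") or`, keeps the intended prefixes only. Separately, in `envVarRead` both `read.getPropertyName()` and `call.getArgument(0).getStringValue()` have no result when the name is computed rather than a literal, so `process.env[name]` and `get…EnvParam(someVar)` are never reported; that limitation is worth a comment on the predicate, e.g. `// Only literal env-var names are checked; computed names are silently skipped.`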