A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
-
Updated
Jul 11, 2026 - Go
A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.
💻 Workflow Data For Github Actions & Linux Server Testing of Lockdown Enterprise Content 💻
Offensive GitHub Actions attack surface analyzer : scan any repo for CI/CD vulnerabilities, pwn requests, supply chain risks, and secret leaks. Powered by 20 detection rules with CVSS scoring and OWASP CI/CD Top 10 mapping.
Harden and manage your GitHub Actions: SHA-pin every action, enforce allowlist policies, update interactively, and analyze run health
💻 Workflow Data For Github Actions & Windows Server Testing of Lockdown Enterprise Content 💻
Hands‑on examples of extending KICS to detect GitHub Actions exploitation techniques.
Static analysis for AI automation workflows. Find prompt-injection paths, overpowered tools, and write-capable agent jobs before they run.
Local web app and CLI that maps GitHub Actions workflow blast radius from real YAML: triggers, permissions, actions, secrets, and fixes
A lightweight .NET CLI that scans GitHub Actions workflows for security, reliability, performance, and cost issues.
External admission gate for GitHub Actions.
AI Admissibility Action: external controlled negotiation protocol (CNP) for automated and AI-driven actions. This gate decides whether execution may continue.
Scan GitHub Actions workflows for untrusted artifact uploads crossing into privileged deploy jobs.
Safe synthetic demo for agentic-workflow-guard
GitHub Actions security scanner powered by OpenSSF Scorecard. Scan repositories, organizations, and user accounts for workflow vulnerabilities. Generate beautiful HTML, JSON, CSV, and Markdown reports with risk scoring and actionable insights.
VS Code extension: inline security scanning for GitHub Actions workflows
Scan GitHub Actions, agent instructions, and MCP configs for AI-agent injection risks
Static security scanner for GitHub Actions workflows — 10 rules mapped to the OWASP Top 10 CI/CD risks.
AI Admissibility Boundary reference surface for the external admit authority model and its proof meaning.
Add a description, image, and links to the workflow-security topic page so that developers can more easily learn about it.
To associate your repository with the workflow-security topic, visit your repo's landing page and select "manage topics."