agentic-actions-auditor
Community
Audit AI actions in GitHub Actions for security.
Author: ofelixdev
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill identifies and analyzes security vulnerabilities in GitHub Actions workflows that integrate with AI coding agents, protecting your CI/CD pipelines from prompt injection and other AI-specific attack vectors.
Core Features & Use Cases
- AI Action Identification: Detects usage of Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference.
- Attack Vector Detection: Analyzes for prompt injection, env var intermediaries, dangerous sandbox configurations, and wildcard user allowlists.
- Security Context Capture: Gathers trigger events, environment variables, and permissions for comprehensive analysis.
- Use Case: You need to ensure your CI/CD pipelines are secure against AI-specific attacks. This Skill will audit your GitHub Actions workflows, flag any risky AI integrations, and provide detailed reports on potential vulnerabilities.
Quick Start
Use the agentic-actions-auditor skill to audit the GitHub Actions workflows in the current repository for security vulnerabilities.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: agentic-actions-auditor Download link: https://github.com/ofelixdev/cc-kit/archive/main.zip#agentic-actions-auditor Please download this .zip file, extract it, and install it in the .claude/skills/ directory.