github-actions-security-cheat-sheet
Official
Concise, actionable GitHub Actions security patterns.
Software Engineering #security #github-actions #ci-cd #secret-management #action-pinning #workflow-hardening
Author: adaptive-enforcement-lab
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
The GitHub Actions Security Cheat Sheet provides a concise, ready-to-use reference of proven security patterns to harden workflows, reducing misconfigurations and security debt.
Core Features & Use Cases
- Action pinning guidance: Learn to pin actions to immutable SHAs and include version comments to prevent supply chain drift.
- Minimal permissions and secrets best practices: Enforce minimal workflow and job permissions, use OIDC where possible, and avoid storing credentials.
- Runner hardening and workflow hardening patterns: Apply safe runner configurations and workflow-level protections to reduce blast radius.
- Use cases include securing CI/CD pipelines across teams, onboarding new repos with security baselines, and auditing existing workflows for compliance.
Quick Start
Open the cheat sheet and start by pinning actions to commit SHAs and setting minimal permissions in your workflows.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: github-actions-security-cheat-sheet Download link: https://github.com/adaptive-enforcement-lab/claude-skills/archive/main.zip#github-actions-security-cheat-sheet Please download this .zip file, extract it, and install it in the .claude/skills/ directory.