reusable-workflow-security
OfficialSecure reusable GitHub Actions workflows.
Authoradaptive-enforcement-lab
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Reusable workflows in GitHub Actions execute with the caller's security context, which can lead to privilege escalation if inputs are unvalidated, callers are untrusted, or workflow references are unpinned.
Core Features & Use Cases
- Input validation patterns to enforce allowlists and safe data handling for workflow_call inputs.
- Secret handling strategies including explicit passing and selective inheritance to minimize exposure.
- Reference pinning and secure reference validation to prevent supply chain risks in reusable workflows.
Quick Start
Define a secure reusable workflow call by validating inputs, pinning references, and explicitly passing secrets.
Dependency Matrix
Required Modules
None requiredComponents
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: reusable-workflow-security Download link: https://github.com/adaptive-enforcement-lab/claude-skills/archive/main.zip#reusable-workflow-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.