securing-github-actions-workflows

Community

Secure your GitHub Actions workflows against common vulnerabilities.

AuthorRazisafir
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This skill addresses the security risks associated with GitHub Actions workflows, including supply chain attacks, credential theft, and privilege escalation.

Core Features & Use Cases

  • Hardening Workflows: Provides guidelines and scripts to harden GitHub Actions workflows against common vulnerabilities.
  • Action Pinning: Ensures actions are pinned to SHA digests to prevent supply chain attacks.
  • Permission Minimization: Recommends minimizing GITHUB_TOKEN permissions to reduce the risk of credential theft.
  • Secret Protection: Offers strategies to protect secrets and environment variables from exfiltration.
  • Preventing Script Injection: Provides guidance on preventing script injection in workflow expressions.
  • Workflow Change Controls: Recommends implementing required reviewers for workflow changes to maintain audit trails.

Quick Start

Run the 'agent.py' script to audit your GitHub Actions workflows for security issues.

Dependency Matrix

Required Modules

yamlrejsonpathlib

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: securing-github-actions-workflows
Download link: https://github.com/Razisafir/KOVIX/archive/main.zip#securing-github-actions-workflows

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.