self-hosted-runner-hardening
OfficialHarden GitHub Actions runners with defense in depth.
Software Engineering#security#defense-in-depth#github-actions#hardening#runner#self-hosted#os-hardening
Authoradaptive-enforcement-lab
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Self-hosted GitHub Actions runners are exposed to OS-level and network vulnerabilities; this skill provides a comprehensive, defense-in-depth hardening guide to reduce attack surface and protect credentials.
Core Features & Use Cases
- OS-level hardening, user and permission controls, and service isolation for runner processes.
- Network isolation, process confinement (AppArmor), and file system restrictions to prevent data exfiltration and persistence.
- Use Case: When you deploy self-hosted runners in CI, apply these steps to harden the host, isolate the runner, and enable auditable security controls.
Quick Start
Run the self-hosted-runner-hardening skill on a Linux host to bootstrap security baselines and runtime protections.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: self-hosted-runner-hardening Download link: https://github.com/adaptive-enforcement-lab/claude-skills/archive/main.zip#self-hosted-runner-hardening Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.