wrdn-gha-workflows
OfficialDetect exploitable GitHub Actions workflows.
Software Engineering#security#supply-chain#github-actions#reusable-workflows#workflow-audit#expression-injection#privileged-context
Authorgetsentry
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps security reviewers identify and trace exploitable GitHub Actions workflows where attacker-controlled inputs reach privileged steps, enabling code execution, secret leakage, or runner compromise.
Core Features & Use Cases
- Trace risks across .github/workflows, action.yml, and reusable workflows to map end-to-end exploit chains.
- Provide structured findings with entry points, inputs, sinks, and remediation guidance for PRs, workflow_call, and workflow_dispatch scenarios.
- Use documented references to distinguish safe patterns from exploit patterns and to calibrate severity.
Quick Start
Review the repository's workflows to surface exploitable input-to-sink chains and suggest concrete hardening steps.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: wrdn-gha-workflows Download link: https://github.com/getsentry/warden-skills/archive/main.zip#wrdn-gha-workflows Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.