A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
Updated Mar 17, 2026 - Go
💻 Workflow Data For GitHub Actions & Linux Server Testing of Lockdown Enterprise Content 💻
💻 Workflow Data For GitHub Actions & Windows Server Testing of Lockdown Enterprise Content 💻
Multi-layer developer access control for build tools
GitHub Actions security scanner powered by OpenSSF Scorecard. Scan repositories, organizations, and user accounts for workflow vulnerabilities. Generate beautiful HTML, JSON, CSV, and Markdown reports with risk scoring and actionable insights.
VS Code extension: inline security scanning for GitHub Actions workflows
Pre-commit security scanner for GitHub Actions workflows
Scan CI/CD pipelines for security flaws to detect and validate software supply chain risks across major platforms.
GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.