Add GHA Scanner to IaC Security section #5

Closed
raajheshkannaa wants to merge 1 commit into rezmoss:main from raajheshkannaa:add-gha-scanner
@raajheshkannaa

Add GHA Scanner

GHA Scanner is a free, open-source security scanner for GitHub Actions workflows.

  • 25 security checks across 8 categories (injection risks, permissions, secrets exposure, pinning, OIDC, caching, runner security, and more)
  • Available as a web UI, CLI, and GitHub Action on the marketplace
  • MIT licensed

It fits alongside zizmor in the Infrastructure as Code Security section as another tool for scanning GitHub Actions workflow files for security issues.

I use and maintain this tool.

Add GHA Scanner (https://github.com/raajheshkannaa/gha-scanner), an open-source
security scanner for GitHub Actions workflows with 25 checks across 8 categories.
@raajheshkannaa
Author

Closing for now. The repo is under 30 days old and below the 5-star minimum. Will resubmit once both thresholds are met.
