A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
💻 Workflow Data For GitHub Actions & Linux Server Testing of Lockdown Enterprise Content 💻
💻 Workflow Data For GitHub Actions & Windows Server Testing of Lockdown Enterprise Content 💻
Local web app and CLI that maps GitHub Actions workflow blast radius from real YAML: triggers, permissions, actions, secrets, and fixes
External admission gate for GitHub Actions.
Hands‑on examples of extending KICS to detect GitHub Actions exploitation techniques.
Offensive GitHub Actions attack surface analyzer: scan any repo for CI/CD vulnerabilities, pwn requests, supply chain risks, and secret leaks. Powered by 20 detection rules with CVSS scoring and OWASP CI/CD Top 10 mapping.
GitHub Actions security scanner powered by OpenSSF Scorecard. Scan repositories, organizations, and user accounts for workflow vulnerabilities. Generate beautiful HTML, JSON, CSV, and Markdown reports with risk scoring and actionable insights.
VS Code extension: inline security scanning for GitHub Actions workflows
Pre-commit security scanner for GitHub Actions workflows
External controlled negotiation protocol (CNP) for automated and AI-driven actions. Not another scanner. This gate decides whether execution may continue. Commercial access: Hosted Authority.
Multi-layer developer access control for build tools
Boundary reference surface for the external admit authority model and its proof meaning.
Scan CI/CD pipelines for security flaws to detect and validate software supply chain risks across major platforms.
GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.
Pin GitHub Action tags to full commit SHAs and generate auditable lockfiles to prevent supply chain attacks