Audit GitHub Actions workflows for permission, secret, pinning, and injection risks.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "GitHub Actions Audit" MCP server from askskill: Run: claude mcp add --transport http 'io-github-unbearabledev-github-actions-audit' 'https://unbearable-dev--github-actions-audit.apify.actor/mcp'
Please audit the GitHub Actions workflow security in this repository. Check 21 common issues including action version pinning, overly broad GITHUB_TOKEN permissions, unsafe secrets usage, and command injection risks. Output findings by severity with remediation advice.
A security audit report ranked by severity, listing findings, affected files, and remediation steps.
Compare the GitHub Actions workflows before and after this PR and identify newly introduced security risks, especially privilege escalation, unpinned third-party actions, and shell commands built from untrusted input. Explain why each issue is risky.
A PR-focused risk review highlighting new issues, their impact, and recommended fixes.
Based on the current GitHub Actions workflow configuration, provide a hardening checklist covering least privilege, action pinning, secret management, runner usage, and input validation, with actionable YAML change suggestions.
An actionable hardening checklist with concrete configuration advice and example changes.
Audit Compose, Dockerfile, GitHub Actions, and Kubernetes configs in one call.
Scan code and text for leaked secrets and exposed API credentials.
Review security risks for auth, inputs, secrets, APIs, and sensitive features.
Scan Python projects and GitHub repos for vulnerabilities, secrets, and AI risk insights.
Review architecture or code for security risks, vulnerabilities, and compliance issues.
Audit your environment and recommend the best Claude Code setup