A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
Updated May 18, 2026 - Go
💻 Workflow Data For GitHub Actions & Linux Server Testing of Lockdown Enterprise Content 💻
Offensive GitHub Actions attack surface analyzer: scan any repo for CI/CD vulnerabilities, pwn requests, supply chain risks, and secret leaks. Powered by 20 detection rules with CVSS scoring and OWASP CI/CD Top 10 mapping.
💻 Workflow Data For GitHub Actions & Windows Server Testing of Lockdown Enterprise Content 💻
Hands‑on examples of extending KICS to detect GitHub Actions exploitation techniques.
Local web app and CLI that maps GitHub Actions workflow blast radius from real YAML: triggers, permissions, actions, secrets, and fixes
GitHub Actions security scanner powered by OpenSSF Scorecard. Scan repositories, organizations, and user accounts for workflow vulnerabilities. Generate beautiful HTML, JSON, CSV, and Markdown reports with risk scoring and actionable insights.
VS Code extension: inline security scanning for GitHub Actions workflows
External admission gate for GitHub Actions.
AI Admissibility Action: external controlled negotiation protocol (CNP) for automated and AI-driven actions. This gate decides whether execution may continue.
AI Admissibility Boundary reference surface for the external admit authority model and its proof meaning.
Multi-layer developer access control for build tools
Pin GitHub Action tags to full commit SHAs and generate auditable lockfiles to prevent supply chain attacks
GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.
Scan CI/CD pipelines for security flaws to detect and validate software supply chain risks across major platforms.
Pre-commit security scanner for GitHub Actions workflows