Skip to content

Supply chain: Actions workflow audit #10

Open
Open
Supply chain: Actions workflow audit#10
Assignees
nakberli841-bot
Labels
area: backendBackend service or librarysupply-chainGitHub Actions audittype: featureNew functionality
@martian56

Description

@martian56
martian56
opened on Jun 9, 2026

Audit GitHub Actions usage across repositories.

  • Parse workflows and flag unpinned actions, broad permissions, and missing OIDC
  • Compute a risk score per workflow
  • Endpoint, scan workers, and tests

Metadata

Metadata

Assignees

Labels

area: backendBackend service or librarysupply-chainGitHub Actions audittype: featureNew functionality

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions