SkillEngenhariaRevisão
Secure GitHub Workflow Guide
Audit and harden GitHub Actions workflows - permissions, pinned actions, secrets handling, OIDC, untrusted-input boundaries.
Ações
PerfilDev
ProfundidadeAlta
Idiomaen-US
Objetivo
Em uma frase.
Use this skill when reviewing or writing GitHub Actions workflows for security. Covers least- privilege permissions, action pinning (SHA not tag), secret minimization, OIDC for cloud authentication, and isolation of untrusted PR contexts.
Constelação
Onde
ela vive.
Bundles que incluem