Automated scan of GitHub Actions workflows across a GitHub organization to identify security vulnerabilities in CI/CD pipelines, classify publishing workflows, verify published artifacts against registries, and flag ASF policy violations.
Built on Gofannon — see docs/gofannon for platform setup.
The pipeline scans all .github/ directories across an organization's repositories, caches the workflow YAML, and runs four analysis passes:
gha_orchestrator │ ├──▸ gha_prefetch (caches workflow YAML from GitHub API) │ ├──▸ gha_publishing (LLM-classifies workflows) ├──▸ gha_security (security checks + per-PMC reports) │ ├──▸ gha_publishing_detail (YAML parsing + GitHub API run history) ├──▸ gha_artifact_verify (registry API queries) ├──▸ gha_action_health (GitHub Actions dependency health) ├──▸ gha_bernies (project dependency bus factor) │ ├──▸ gha_review (combined risk assessment) ├──▸ gha_brief (executive action plan) └──▸ gha_json_export (machine-readable export)
Run the gha_orchestrator agent with:
| Input | Value |
|---|---|
github_owner | apache |
read_pat | ghp_... (read access to org repos) |
write_repo | apache/tooling-agents-private |
write_directory | gha-review/reports |
write_pat | ghp_... (write access to write_repo) |
Optional: fresh: true to clear all cached data and start from scratch.
Output is organized into three levels:
reports/
├── brief.md, review.md start here
├── security.md, publishing.md org-wide analysis
├── publishing_detail.md enriched workflow data
├── publishing_risks.md dangerous patterns
├── artifact_verification.md registry cross-reference
├── bernies.md project dependency bus factor
├── action_health.md GitHub Actions dependency health
├── json_export.json machine-readable
├── channels/ per-channel publishing detail
│ ├── pypi.md, npm.md, maven_central.md, docker_hub.md, ...
│ └── (production and staging channels)
└── pmcs/ per-project security reports
├── airflow.md, beam.md, casbin.md, flink.md, ...
└── (includes cross-run progress tracking)
12 checks covering the most common GitHub Actions attack patterns:
| Check | Severity | What It Detects |
|---|---|---|
prt_checkout | CRITICAL-INFO | pull_request_target + checkout of PR head |
self_hosted_runner | HIGH-INFO | Self-hosted runners exposed to PR triggers |
run_block_injection | LOW-CRITICAL | ${{ }} interpolation in run blocks |
unpinned_actions | MEDIUM | Third-party actions referenced by mutable tags |
broad_permissions | LOW-HIGH | GITHUB_TOKEN with excessive scopes |
composite_action_input_injection | MEDIUM | Input interpolation in composites |
composite_action_unpinned | MEDIUM | Unpinned actions in composites |
composite_action_injection | LOW | Interpolation in composite run blocks |
missing_dependency_updates | LOW | No dependabot/renovate config |
cache_poisoning | INFO | actions/cache with PR trigger |
third_party_actions | INFO | Actions outside trusted namespaces |
See agents/README.md for severity matrices, caching details, ASF policy integration, and the full agent reference.