bitwarden-workflow-linter-rules
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides a set of reference rules for auditing and fixing GitHub Actions workflows, specifically focused on security hardening and standardization.
- [SAFE]: Includes instructions for pinning actions to full commit SHAs, which is a critical defense against supply chain attacks and tag-floating risks.
- [SAFE]: Recommends the use of explicit, restricted permissions for workflows and jobs to follow the principle of least privilege.
- [COMMAND_EXECUTION]: Guides the agent in using standard, trusted tools like the GitHub CLI (gh) and actionlint to verify configurations and fetch commit metadata.
Audit Metadata