github-actions-templates
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The workflow templates follow established security practices for GitHub Actions, including the use of specific versions and environment-based secret handling.
- [EXTERNAL_DOWNLOADS]: References official GitHub Actions from well-known and trusted organizations like GitHub, Docker, AWS, and security providers (Snyk, Aqua Security).
- [CREDENTIALS_UNSAFE]: Uses mock AWS keys within a documentation section explicitly highlighting them as dangerous anti-patterns for educational purposes to warn users against hardcoding secrets.
- [COMMAND_EXECUTION]: Utilizes standard package management and deployment commands (npm, pip, kubectl) appropriate for the defined CI/CD tasks.
Audit Metadata