securing-github-actions-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill focuses on enhancing CI/CD security by providing guidance and tools to harden GitHub Actions workflows against supply chain attacks and credential theft.
  • [SAFE]: The auditing scripts (scripts/agent.py and scripts/process.py) use the yaml.safe_load() function to parse workflow files. This is a critical security measure that prevents arbitrary code execution during the deserialization of potentially untrusted YAML content.
  • [SAFE]: No unauthorized data access, network exfiltration, or hardcoded credentials were detected. The scripts only interact with the local filesystem to read workflow configuration files for analysis.
  • [SAFE]: The documentation and references align with established security standards such as NIST SSDF, CIS Software Supply Chain Security, and the OWASP CI/CD Top 10 Risks.
  • [SAFE]: No evidence of obfuscation, prompt injection, or any mechanism for maintaining persistence was found in the analyzed files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:55 PM