ci-cd-security
OfficialSecure CI/CD pipelines with least privilege
Software Engineering#security#supply-chain#github-actions#ci-cd#least-privilege#pin-sha#runner-hardening
AuthorHack23
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Security-focused guidance and templates to harden CI/CD pipelines using GitHub Actions, with emphasis on least privilege, pinning actions, and supply-chain controls.
Core Features & Use Cases
- Establishes least-privilege permissions for GitHub Actions workflows across builds, tests, and deployments.
- Pins actions to commit SHAs to prevent drift and ensure reproducibility.
- Integrates runner hardening, secret management, dependency reviews, and code scanning as a unified security baseline.
- Suitable for teams adopting secure SDLC practices and auditing CI/CD processes.
Quick Start
Deploy the Secure Workflow starter template to implement a secure, auditable CI/CD pipeline in your repository.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ci-cd-security Download link: https://github.com/Hack23/riksdagsmonitor/archive/main.zip#ci-cd-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.