gh-actions-validator
CommunitySecure your GitHub Actions workflows.
AuthorNovaAI-innovation
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses security vulnerabilities in GitHub Actions workflows, particularly those deploying to Google Cloud, by enforcing best practices like Workload Identity Federation (WIF) and least privilege IAM.
Core Features & Use Cases
- Workflow Auditing: Scans existing GitHub Actions workflows for security issues.
- WIF Enforcement: Validates the use of Workload Identity Federation and flags the use of insecure service account keys.
- IAM Role Review: Checks for adherence to the principle of least privilege for service accounts.
- Use Case: Automatically audit your CI/CD pipelines to ensure they are not exposing sensitive credentials and are configured for secure deployments to Google Cloud.
Quick Start
Validate the security of your GitHub Actions workflows in the '.github/workflows/' directory.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: gh-actions-validator Download link: https://github.com/NovaAI-innovation/Infinite-Agency/archive/main.zip#gh-actions-validator Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.