Skip to main content

Agentic Actions Auditor

Plugin Active
Part of:Trailofbits

Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations (Claude Code Action, Gemini CLI, OpenAI Codex, GitHub AI Inference)

1 Skill 0 MCPs
Purpose

To help security auditors and developers identify and remediate security risks in GitHub Actions workflows that integrate AI agents, ensuring secure CI/CD pipelines.

Features

  • Audits GitHub Actions workflows for AI agent security vulnerabilities
  • Detects specific attack vectors like env var intermediary, direct expression injection, and wildcard allowlists
  • Supports multiple AI agent integrations (Claude Code, Gemini CLI, OpenAI Codex, GitHub AI Inference)
  • Provides detailed findings with impact, evidence, data flow, and remediation guidance

Use Cases

  • Auditing CI/CD pipelines that use AI agents for security risks
  • Reviewing GitHub Actions workflow configurations for prompt injection vulnerabilities
  • Ensuring secure defaults for AI-assisted code review and agentic actions
  • Assessing the security impact of attacker-controlled input on AI agents running in CI

Non-Goals

  • Performing runtime prompt injection testing or exploitation
  • Auto-fixing or modifying workflow files
  • Auditing non-GitHub CI/CD systems
  • Analyzing workflows that do not use AI agent actions

Trust

  • warning:Issues AttentionThere are 13 open issues and 4 closed issues in the last 90 days, indicating slow issue closure and potential maintainer bottleneck.

Installation

First, add the marketplace

/plugin marketplace add trailofbits/skills
/plugin install agentic-actions-auditor@trailofbits

Contains 1 extensions

Skill (1)

Agentic Actions Auditor Skill

Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security for prompt injection risks, or evaluating agentic action configurations.

99

Quality Score

75 /100
Analyzed about 11 hours ago

Trust Signals

Last commit3 days ago
GitHub owner trailofbits (opens in new tab)
Stars5.2k
LicenseCC-BY-SA-4.0
Status
View Source

Similar Extensions

Agent Almanac

99

350 agentic skills across 64 domains, 72 agent personas, and 16 team compositions following the agentskills.io open standard

Plugin
pjt222

Ruflo Security Audit

99

Security review, dependency scanning, policy gates, and CVE monitoring

Plugin
ruvnet

Shell Scripting Plugins

99

Production-grade Bash scripting with defensive programming, POSIX compliance, and comprehensive testing

Plugin
wshobson

Review Agent Governance

99

Require a human approval signal before an AI agent can post PR reviews, comments, merges, or writes to CI config. Cedar-gated, receipt-signed, designed for the Hermes-style failure mode where a review bot posts without oversight.

Plugin
wshobson

Performance Testing Review

99

Performance analysis, test coverage review, and AI-powered code quality assessment

Plugin
wshobson

Comprehensive Review

99

Multi-perspective code analysis covering architecture, security, and best practices

Plugin
wshobson

© 2025 SkillRepo · Find the right skill, skip the noise.