agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI integrations, ensuring safe CI/CD practices.
Install this skill
or
39/100
Security score
The agentic-actions-auditor skill was audited on May 14, 2026 and we found 5 security issues across 2 threat categories, including 4 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 35
Template literal with variable interpolation in command context
SourceSKILL.md
| 35 | Wrong because tool restrictions can still be weaponized. Even restricted tools like `echo` can be abused for data exfiltration via subshell expansion (`echo $(env)`). A tool allowlist reduces attack s |
high line 211
Template literal with variable interpolation in command context
SourceSKILL.md
| 211 | - For each env var, note whether its value contains `${{ }}` expressions referencing event data (e.g., `${{ github.event.issue.body }}`, `${{ github.event.pull_request.title }}`) |
high line 233
Template literal with variable interpolation in command context
SourceSKILL.md
| 233 | | A | Env Var Intermediary | `env:` block with `${{ github.event.* }}` value + prompt reads that env var name | {baseDir}/references/vector-a-env-var-intermediary.md | |
high line 234
Template literal with variable interpolation in command context
SourceSKILL.md
| 234 | | B | Direct Expression Injection | `${{ github.event.* }}` inside prompt or system-prompt field | {baseDir}/references/vector-b-direct-expression-injection.md | |
low line 63
External URL reference
SourceSKILL.md
| 63 | Strip trailing slashes, `.git` suffix, and `www.` prefix. Handle both `http://` and `https://`. |
Scanned on May 14, 2026
View Security Dashboard