ci-cd-pipeline-patterns
This skill provides comprehensive guidance on designing and optimizing CI/CD pipelines using GitHub Actions and modern DevOps practices.
Install this skill
Security score
The ci-cd-pipeline-patterns skill was audited on Feb 9, 2026 and we found 40 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 140 | ```yaml |
Template literal with variable interpolation in command context
| 151 | ```yaml |
Template literal with variable interpolation in command context
| 262 | ```yaml |
Template literal with variable interpolation in command context
| 307 | ```yaml |
Template literal with variable interpolation in command context
| 334 | ```yaml |
Template literal with variable interpolation in command context
| 483 | ```yaml |
Template literal with variable interpolation in command context
| 561 | ```yaml |
Template literal with variable interpolation in command context
| 603 | ```yaml |
Template literal with variable interpolation in command context
| 664 | ```yaml |
Template literal with variable interpolation in command context
| 675 | ```yaml |
Template literal with variable interpolation in command context
| 740 | ```yaml |
Template literal with variable interpolation in command context
| 754 | ```yaml |
Template literal with variable interpolation in command context
| 817 | ```yaml |
Template literal with variable interpolation in command context
| 837 | ```yaml |
Template literal with variable interpolation in command context
| 863 | ```json |
Template literal with variable interpolation in command context
| 882 | ```yaml |
Template literal with variable interpolation in command context
| 902 | ```yaml |
Template literal with variable interpolation in command context
| 954 | ```yaml |
Template literal with variable interpolation in command context
| 986 | ```yaml |
Template literal with variable interpolation in command context
| 1104 | ```yaml |
Template literal with variable interpolation in command context
| 1146 | ```yaml |
Template literal with variable interpolation in command context
| 1175 | ```yaml |
Template literal with variable interpolation in command context
| 1215 | ```yaml |
Template literal with variable interpolation in command context
| 1331 | ```yaml |
Template literal with variable interpolation in command context
| 1361 | ```yaml |
Template literal with variable interpolation in command context
| 1416 | ```yaml |
Template literal with variable interpolation in command context
| 1434 | ```yaml |
Template literal with variable interpolation in command context
| 1458 | ```yaml |
Template literal with variable interpolation in command context
| 1494 | ```yaml |
Curl to non-GitHub URL
| 536 | curl -f https://green.example.com/health |
Curl to non-GitHub URL
| 623 | curl -f https://api.example.com/health |
Access to hidden dotfiles in home directory
| 311 | ~/.npm |
Access to hidden dotfiles in home directory
| 312 | ~/.cache |
External URL reference
| 470 | http://localhost:3000 |
External URL reference
| 471 | http://localhost:3000/dashboard |
External URL reference
| 536 | curl -f https://green.example.com/health |
External URL reference
| 623 | curl -f https://api.example.com/health |
External URL reference
| 641 | url: https://staging.example.com |
External URL reference
| 652 | url: https://example.com |
External URL reference
| 1141 | echo "url=https://${{ inputs.environment }}.example.com" >> $GITHUB_OUTPUT |