deploy_cicd
Automates CI/CD pipelines using GitHub Actions for efficient deployment and release management in software development.
Install this skill
Security score
The deploy_cicd skill was audited on Feb 9, 2026 and we found 12 security issues across 3 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 49 | ```yaml |
Template literal with variable interpolation in command context
| 214 | ```yaml |
Template literal with variable interpolation in command context
| 280 | ```yaml |
Template literal with variable interpolation in command context
| 303 | ```yaml |
Template literal with variable interpolation in command context
| 324 | ```yaml |
Template literal with variable interpolation in command context
| 375 | ```yaml |
Template literal with variable interpolation in command context
| 410 | - Access inputs via `${{ inputs.name }}` |
Template literal with variable interpolation in command context
| 429 | ```yaml |
Template literal with variable interpolation in command context
| 506 | ```yaml |
Access to hidden dotfiles in home directory
| 217 | path: ~/.npm |
Access to .env file
| 645 | vercel env pull .env.local |
External URL reference
| 756 | > **Kaynak:** [DORA Research (DORA.dev)](https://dora.dev/) & [GitHub Actions Hardening Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions) |