Agentic Actions Auditor
Audit GitHub Actions workflows for prompt-injection and security flaws in AI agent integrations (Claude Code Action, Gemini CLI, OpenAI Codex, GitHub AI Inference). Detects attacker-controlled input reaching agents in CI/CD.
AI coding agents wired into CI/CD are a new attack surface. This skill inspects workflow files for env-var intermediary patterns, direct expression injection, dangerous sandbox configs, and wildcard user allowlists that let attacker-controlled input reach an agent running in your pipeline.
When to use
Use when reviewing GitHub Actions workflows that invoke AI coding agents, auditing CI/CD pipelines for prompt-injection risk, or evaluating agentic action configurations and allowlists.
Examples
Audit an AI workflow
Check a Claude Code Action workflow for injection
Audit this GitHub Actions workflow that runs Claude Code for prompt-injection and untrusted-input risks
Review allowlists
Flag wildcard user permissions
Check our agentic CI workflows for wildcard allowlists and dangerous sandbox settings