Install: claude install-skill Habitat-Thinking/ai-literacy-superpowers
# GitHub Actions Supply Chain Assessment
## Overview
GitHub Actions workflows run arbitrary code with access to repository secrets and a `GITHUB_TOKEN`. A compromised or repointed action is indistinguishable from a legitimate one — the attack lands silently in your CI logs. This skill provides a structured checklist for assessing and hardening Actions supply chain risk.
**Never rely on your knowledge of whether an action version is "safe". Run the checklist.**
---
## Assessment Checklist
Work through every workflow file in `.github/workflows/`. For each file:
- [ ] Every `uses:` reference is pinned to a full 40-character commit SHA
- [ ] Third-party actions (outside the `actions/` and `github/` namespaces) are identified and risk-rated
- [ ] A top-level or job-level `permissions:` block is present and minimally scoped
- [ ] No `pull_request_target` trigger is used with `actions/checkout` of the PR head (fork poisoning risk)
- [ ] No user-controlled input flows unsanitised into `run:` shell commands (script injection)
- [ ] A `dependabot.yml` (or Renovate config) exists to keep pinned SHAs current
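
The pinning, third-party, `permissions:` and `pull_request_target` items above can be checked mechanically as a first pass. The sketch below is an added example, not part of the skill itself. The function name `audit_workflow`, the sample workflow, `example-org/example-action` and the SHA are all constructed placeholders. It only tests that a `permissions:` block is present, not that it is minimally scoped, and it does not cover the script-injection or Dependabot items.

```python
import re

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
SHA_RE = re.compile(r"[0-9a-f]{40}")
FIRST_PARTY = ("actions/", "github/")  # namespaces the checklist does not treat as third-party

# Constructed sample workflow; the third-party action name and the SHA are placeholders.
SAMPLE = """\
name: ci
on:
  pull_request_target:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local
"""

def audit_workflow(text):
    """Return (line_no, finding) tuples for the text of one workflow file."""
    findings, has_permissions = [], False
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # ignore commented-out lines
        if re.match(r"\s*permissions:", line):
            has_permissions = True
        if re.search(r"\bpull_request_target\b", line):
            findings.append((no, "pull_request_target: verify the PR head is never checked out"))
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith(("./", "docker://")):
            continue  # local and container references are outside this check
        action, _, version = ref.partition("@")
        if not SHA_RE.fullmatch(version):
            findings.append((no, f"not pinned to a 40-character SHA: {ref}"))
        if not action.startswith(FIRST_PARTY):
            findings.append((no, f"third-party, needs a risk rating: {action}"))
    if not has_permissions:
        findings.append((0, "no permissions: block in this file"))  # line 0 = whole file
    return findings

if __name__ == "__main__":
    for no, finding in audit_workflow(SAMPLE):
        print(f"line {no}: {finding}")
```
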
---
## SHA Pinning
### Why tags are unsafe
A mutable tag (`@v4`) can be silently repointed to a different commit by anyone with push access to that repository — including an attacker who has compromised the maintainer's account. The `tj-actions/changed-files` incident (March 2025) demonstrated this at scale: a compromised action exfiltrated secrets from thousands of reposi