TrustFix OIDC Security Scanner
Version update: https://github.com/trustfix/trustfix-action is now at v1.0.0.
- This action is used across all versions by ? repositories.
Action Type
This is a JavaScript (Node) action that runs on Node.js 20.
Action Summary
TrustFix OIDC Security Scanner is a GitHub Action that identifies vulnerabilities in GitHub Actions workflows and their associated OpenID Connect (OIDC) trust policies. It automates the detection of six critical issue types, including missing permissions, hardcoded credentials, and overly broad access, so that developers can keep workflows secure and compliant. Findings are reported directly in pull requests and workflow logs, so security risks can be resolved before they reach production.
Release notes
Free GitHub Action that scans your workflows for OIDC security vulnerabilities and posts findings as PR comments. Detects 6 critical issue types including missing sub conditions, wildcard trust policies, and long-lived credentials.
2-minute install. Zero configuration required.