SecScore
Version updated for https://github.com/cassiodeveloper/SecScore to version v0.1.0.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
SecScore is a security scoring engine designed for CI/CD pipelines that evaluates findings from SARIF-compatible security scanners and calculates a single security score for pull requests. It automates decision-making by determining whether a code change should pass, require review, or fail based on defined policies and critical vulnerability rules. This lightweight and scanner-agnostic tool streamlines security analysis, enabling clear, policy-driven, and automated security decisions for modern development workflows.
Release notes
Initial public release of SecScore.
Features:
- Security scoring engine
- SARIF support
- GitHub Action integration
- Policy-driven security decisions