Runner Guard
Version updated for https://github.com/Vigilant-LLC/runner-guard to version v2.4.1.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Action Summary
Runner Guard is a security-focused GitHub Action that performs static taint analysis on CI/CD workflow files to detect vulnerabilities where attacker-controlled inputs (e.g., fork code, branch names, PR metadata) can lead to dangerous operations like secret exfiltration, shell execution, or supply chain attacks. It automates the detection of injection paths, AI configuration manipulation, and invisible Unicode payloads, addressing risks such as compromised repository credentials and undetectable malicious code. By proactively scanning workflows and related scripts, it mitigates critical CI/CD pipeline vulnerabilities and supply chain threats.
Release notes
Changelog
- 76f2245b29246aa585d37deb93e1f05225315df8 Fix Homebrew formula directory and update license to AGPL-3.0
- c69de3fb140110e1f9dccfa220c7ee23cbb50147 Fix install for container runners without sudo, upgrade codeql-action to v4