TrustCheck Python Package Scanner

April 12, 2026

Version updated for https://github.com/Halfblood-Prince/trustcheck-action to version v1.0.0.

This action is used across all versions by ? repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

The TrustCheck GitHub Action automates the evaluation of a PyPI package’s trustworthiness during CI workflows by running the trustcheck inspect command. It analyzes package metadata, provenance, publisher identity, repository alignment, and vulnerability records to provide a comprehensive trust posture report. This action helps teams identify potential risks or trust signals early in the software supply chain, ensuring informed decisions before package installation or promotion.

What’s Changed

Full Changelog: https://github.com/Halfblood-Prince/trustcheck-action/compare/v0.3.0...v1.0.0

Halfblood-Prince
GitHub Actions