Frisk — AI supply-chain scan
Version updated for https://github.com/Thandv/frisk to version v0.1.0.
- This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed
First release. Static, zero-execution scanner for AI-agent content (MCP servers, skills, plugins): RCE, secret exfiltration, destructive ops, prompt-injection, tool-poisoning, hidden-unicode. Rug-pull detection (lock/verify), OWASP LLM Top 10 mapping, SARIF, GitHub Action, and an MCP server to vet-before-install. Install: pip install frisk-scan