Version updated for https://github.com/msaad00/agent-bom to version v0.76.1. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary agent-bom is an open-source security scanner designed to analyze the AI supply chain, including agents, MCP servers, packages, containers, cloud environments, GPUs, and runtime configurations. It automates the detection of vulnerabilities, misconfigurations, and exposed credentials, and provides actionable insights such as blast radius analysis, prioritized remediation plans, and pre-installation security checks. The tool supports a variety of use cases, including dependency scanning, cloud posture audits, container image analysis, and runtime traffic inspection, with options for visualization and reporting through a built-in dashboard.

Version updated for https://github.com/octoberswimmer/aer-dist to version v0.0.149. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The aer GitHub Action enables developers to validate and test Apex code by running a lightweight Salesforce-compatible runtime directly within their GitHub workflows. It automates the execution of Apex tests and debugging without requiring deployment to a Salesforce org, streamlining development cycles and improving efficiency. Key capabilities include test execution, code debugging, and support for SObject metadata, ensuring tests closely emulate Salesforce behavior.

Version updated for https://github.com/Pro-Bandey/multi-style-snake-contribution-grid to version v10.04.26. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The Multi-Style Snake Contribution Grid GitHub Action transforms your GitHub contribution graph into a dynamic, animated display with customizable styles, shapes, and themes. It automates user detection, generates high-quality GIF and SVG assets, and creates a gallery for previewing multiple variations in a dedicated output branch. This action enhances profile customization and visualizes contribution activity in a creative, shareable format.

Version updated for https://github.com/Richonn/ShieldCI to version v1.13.0. This action is used across all versions by 0 repositories. Action Type This is a Docker action. Go to the GitHub Marketplace to find the latest changes. Action Summary ShieldCI is a GitHub Action designed to automate the creation of secure CI/CD DevSecOps pipelines by detecting the project’s stack, generating appropriate workflows, and opening a pull request with the new configurations. It streamlines tasks such as static analysis (SAST), vulnerability scanning, secret detection, and SBOM generation, reducing manual effort while ensuring security best practices. Key capabilities include support for multiple programming languages, Docker/Kubernetes integration, and the inclusion of industry-standard security tools like Trivy, CodeQL, and Gitleaks.

Version updated for https://github.com/RonaldPhilipsen/semVersie to version v2.3.2. This action is used across all versions by 5 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The semVersie GitHub Action automates the calculation of semantic version bumps (major, minor, or patch) based on conventional commit messages in pull requests. It helps streamline the versioning process by determining the next release version and optionally labeling pull requests with their version impact. This action is designed to be simple, language-agnostic, and lightweight, allowing users to integrate semantic versioning into their workflows without handling complex release processes.

Version updated for https://github.com/saddledata/pii-hound to version v0.1.8. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary pii-hound is a high-performance CLI tool designed to detect unprotected Personally Identifiable Information (PII) and Developer Secrets across databases, cloud storage, and local files. By using heuristic matching, regex sampling, and custom rules, it automates risk identification to prevent data breaches, supports integration with CI/CD pipelines, and offers compatibility with various data sources and formats. Its key capabilities include lightning-fast scanning, configurable policies, secrets detection, and machine-readable outputs for security monitoring and compliance.

Version updated for https://github.com/sonukapoor/cve-lite-cli to version v1.5.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary CVE Lite CLI is a GitHub Action designed to scan JavaScript and TypeScript projects for known vulnerabilities, providing actionable insights to prioritize and fix issues. It automates vulnerability detection with offline support, making it suitable for restricted or enterprise environments, and enhances developer workflows by offering fast, clear, and cost-effective security assessments. Key capabilities include zero-network scans using a local advisory database and seamless integration into CI/CD pipelines.

Version updated for https://github.com/sylvainsf/causinator9000 to version v1.5.0. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The Causinator 9000 is a reactive causal inference engine designed to identify the root causes of infrastructure degradations by analyzing a dependency graph, recent changes (mutations), and observed symptoms (signals). It automates the diagnosis process using Bayesian inference to compute the likelihood of specific changes causing issues, providing ranked, confidence-scored causal paths. This action helps teams quickly pinpoint and address the sources of system failures, minimizing downtime and improving debugging efficiency in complex cloud environments.

Version updated for https://github.com/taoq-ai/ziran to version v0.26.0. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary ZIRAN is a GitHub Action designed for security testing of AI agents, including those with tools, memory, and multi-step reasoning capabilities. It automates the detection of vulnerabilities by modeling agents as capability graphs to identify risks arising from tool interactions and multi-phase attack campaigns, which traditional prompt-based testing often overlooks. Key features include tool chain analysis, execution-level side-effect detection, autonomous pentesting, and multi-agent coordination, making it a comprehensive solution for assessing and mitigating security risks in AI systems.

Version updated for https://github.com/Vigilant-LLC/runner-guard to version v3.1.3. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Runner Guard is a CI/CD supply chain security scanner for GitHub Actions that identifies vulnerabilities such as pipeline injection, unpinned dependencies, AI configuration poisoning, and steganographic payloads in workflows. It automates tasks like detecting compromised package versions, auditing upstream dependency pipelines, and enforcing security best practices with features like auto-fixing issues, parallel multi-repo scanning, and integration with alerting systems. The action provides comprehensive reporting and continuous monitoring, enabling teams to enhance the security of their GitHub Actions workflows and dependencies.