Version updated for https://github.com/decoy-run/decoy-scan to version v1. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The decoy-scan GitHub Action is a security analysis tool designed to identify vulnerabilities in MCP server configurations, such as risky tools, prompt injection risks, toxic data flows, and exposed secrets. It automates security scanning, enforces customizable policies, and integrates with GitHub’s Security tab to provide actionable findings, mapped to the OWASP Agentic Top 10.