Version updated for https://github.com/tryflare-ai/incident-scope to version v1. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. What’s Changed Trigger from any repo during an active incident to get a correlated timeline and AI-generated narrative in a GitHub Issue. What it does Pulls cloud audit logs for a time window from your connected GCP environment Runs AI analysis focused on lateral movement, privilege escalation, and cross-service correlation Creates a GitHub Issue with a timeline table, narrative summary, and severity counts Usage name: Incident Scope on: workflow_dispatch: inputs: time_from: description: 'Start of incident window (ISO 8601)' required: true time_to: description: 'End of incident window' required: false jobs: scope: runs-on: ubuntu-latest permissions: issues: write steps: - uses: tryflare-ai/incident-scope@v1 with: token: ${{ secrets.FLARE_API_KEY }} time-from: ${{ inputs.time_from }} time-to: ${{ inputs.time_to }} Requirements - Flare account with a connected GCP connector (sign up) - API key from Settings > API Keys - issues: write permission on the workflow Limits - Max time window: 24 hours - Max events: 5,000 (severity-prioritized truncation) - Daily limit: 10 analyses/day - Latency: under 90s for windows under 4 hours

Version updated for https://github.com/tryflare-ai/pr-security-check to version v1. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. What’s Changed Catch IAM misconfigurations, overly broad permissions, and privilege escalation paths before they reach production. What it does Reviews Terraform, CloudFormation, and IAM policy changes on every pull request. Posts findings as a PR comment with severity scores, plain-English explanations, and specific fix suggestions.