Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests Jaroslav Lobacevski This post is the first in a series of posts about GitHub Actions security. Part 2, Part 3 In this article, we’ll discuss some common security malpractices for GitHub Actions and workflows, and how to best avoid them. Our examples are based on real-world GitHub workflow implementation vulnerabilitie
![Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://cdn-ak-scissors.b.st-hatena.com/image/square/0dfbe9a4a87f236810eee14241f2a38dfbb8b6e2/height=288;version=1;width=512/https%3A%2F%2Fsecuritylab.github.com%2Fassets%2Fimg%2Fsocial-card.png)