[GH-ISSUE #723] [SUBMISSION] Workflow Guardian — GitHub Actions Security Validator #2771

Open
opened 2026-04-23 22:47:16 -05:00 by GiteaMirror · 0 comments
Owner

Originally created by @ollieb89 on GitHub (Mar 21, 2026).
Original GitHub issue: https://github.com/sdras/awesome-actions/issues/723

Tool Submission for awesome-actions

I'd like to submit Workflow Guardian to the awesome-actions directory.

Details

Tool Name: Workflow Guardian
Repository: https://github.com/ollieb89/workflow-guardian
License: MIT
Category: Security & Linting

Description

A comprehensive linter and security validator for GitHub Actions workflow files that catches real security issues beyond GitHub's built-in validation:

  • Secret exposure detection — identifies leaked API keys and tokens in logs
  • YAML validation — schema validation and syntax checking
  • Runner security — best practices for runner configuration and isolation
  • Secrets management — compliance with secrets handling patterns
  • Audit logging — tracks workflow configuration changes

Why it fits awesome-actions

✓ Actively maintained and open source (MIT)
✓ Solves real security pain points for GitHub Actions users
✓ Direct workflow integration without extra infrastructure
✓ Community-focused, open to feedback and contributions

Author

Submitted by @ollieb89


Would appreciate feedback on whether this is a good fit for the directory. Thanks!

Originally created by @ollieb89 on GitHub (Mar 21, 2026). Original GitHub issue: https://github.com/sdras/awesome-actions/issues/723 ## Tool Submission for awesome-actions I'd like to submit **Workflow Guardian** to the awesome-actions directory. ### Details **Tool Name:** Workflow Guardian **Repository:** https://github.com/ollieb89/workflow-guardian **License:** MIT **Category:** Security & Linting ### Description A comprehensive linter and security validator for GitHub Actions workflow files that catches real security issues beyond GitHub's built-in validation: - **Secret exposure detection** — identifies leaked API keys and tokens in logs - **YAML validation** — schema validation and syntax checking - **Runner security** — best practices for runner configuration and isolation - **Secrets management** — compliance with secrets handling patterns - **Audit logging** — tracks workflow configuration changes ### Why it fits awesome-actions ✓ Actively maintained and open source (MIT) ✓ Solves real security pain points for GitHub Actions users ✓ Direct workflow integration without extra infrastructure ✓ Community-focused, open to feedback and contributions ### Author Submitted by @ollieb89 --- Would appreciate feedback on whether this is a good fit for the directory. Thanks!
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/awesome-actions#2771