1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18# gha-hazmat
A menagerie of insecure and exploitable GitHub Actions workflows and
action definitions.
This repository contains a sampling of various known insecure or exploitable
GitHub Actions usages. Each is (generally) isolated to its own workflow
and/or action definition.
To protect the innocent, this repository does not have any actions enabled.
## License
gha-hazmat is licensed under the terms of the MIT License.
Some workflow and action examples are adapted from public examples online;
each is attributed where possible.