RuleType to check for dangerous workflows

Open puerco opened this issue 1 year ago • 0 comments

Minder should check pull requests and recurrently on the repo for dangerous workflows. For example, those that execute code at the pull request target. At PR time we could block; on recurring jobs we could look for an ever-increasing test suite that analyzes the workflow files.

puerco • Jul 11 '24 06:07
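A sketch of the kind of check the issue describes, as an added example that is not from the issue or from Minder's code: a line-based heuristic (no YAML parser) that flags workflows triggered by `pull_request_target` whose `actions/checkout` step sets `ref:` to the pull request head. The function name `find_untrusted_checkouts` and the sample workflow are constructed for illustration.

```python
import re

# Heuristic scan, no YAML parser: flags workflows that run on
# pull_request_target and check out the pull request's head code.
TRIGGER = re.compile(r"\bpull_request_target\b")
CHECKOUT = re.compile(r"^\s*(-\s+)?uses:\s*actions/checkout@")
UNTRUSTED_REF = re.compile(
    r"^\s*ref:.*(github\.event\.pull_request\.head\.(sha|ref)|github\.head_ref)")

# Constructed sample workflow, not taken from any real repository.
RISKY = """\
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: make test
"""

def _clean(line):
    """Drop YAML comments (naive: '#' at line start or after whitespace)."""
    return re.sub(r"(^|\s)#.*$", "", line).rstrip()

def _indent(line):
    return len(line) - len(line.lstrip())

def find_untrusted_checkouts(workflow_text):
    """Return 1-based line numbers of 'ref:' lines that pull PR head code."""
    lines = [_clean(l) for l in workflow_text.splitlines()]
    if not any(TRIGGER.search(l) for l in lines):
        return []  # workflow is not triggered by pull_request_target
    hits = []
    for i, line in enumerate(lines):
        m = CHECKOUT.match(line)
        if not m:
            continue
        # Keys of this step sit two columns right of its "- " marker.
        key_indent = _indent(line) + (2 if m.group(1) else 0)
        for j in range(i + 1, len(lines)):
            if lines[j].strip() and _indent(lines[j]) < key_indent:
                break  # left the checkout step
            if UNTRUSTED_REF.match(lines[j]):
                hits.append(j + 1)
    return hits
```

The scan only looks forward from the `uses:` line, so a `with:` block written before `uses:` in the same step is missed; a rule built on a real YAML parser would not have that gap.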