static analysis tool for GitHub Actions
zizmor is a static analysis tool for GitHub Actions.

It can find many common issues in typical GitHub Actions CI/CD setups,
including:

* Template injection vulnerabilities, leading to attacker-controlled
  code execution
* Accidental credential persistence and leakage
* Excessive permission scopes and credential grants to runners
* Impostor commits and confusable git references

Maintainer: Theo Buehler <tb@openbsd.org>

WWW: https://docs.zizmor.sh/
