GitHub Actions Audit

io.github.UnbearableDev/github-actions-audit·v1.0.0·Git & Code Hosting

GitHub Actions workflow security audit - 21 checks: pinning, permissions, secrets, injection.

Trust verdict · v1 advisory · method

NOT YET SCREENEDno verdict on file

Verdict not yet evaluated for this tool. The hybrid eval runs adversarial cases first; coverage rolls out as the corpus expands (15 of 150 labels to graduation). Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: hybrid eval, four-state verdict, honest limits.

Own this server? Screen its description →

MCP quality score · maturity, not trust · methodology

freshness

completeness

installability

documentation

stability

Alternatives in Git & Code Hosting

ai.smithery/Hint-Services-obsidian-github-mcp

Connect AI assistants to your GitHub-hosted Obsidian vault to seamlessly access, search, and analy…

ai.smithery/saidsef-mcp-github-pr-issue-analyser

A Model Context Protocol (MCP) application for automated GitHub PR analysis and issue management.…

ai.smithery/smithery-ai-github

Access the GitHub API, enabling file operations, repository management, search functionality, and…

Install

Remote endpoint

Streamable HTTP / SSE endpoint. Add to any MCP client that supports remote servers.

https://unbearable-dev--github-actions-audit.apify.actor/mcp

Verdict API

curl -s mcpindex.ai/api/v1/trust/server/io-github-unbearabledev-github-actions-audit

Free-tier verdict as JSON: decision + dimensions + severity. Call it from your agent before it invokes a tool it just discovered.

Details

version: v1.0.0
category: Git & Code Hosting
quality: 90 / 100
operator: UnbearableDev

Provenance

Verdict history is anchored to Bitcoin via OpenTimestamps. The free tier returns the current verdict only; the anchored record is served on the authenticated tier.

Links

Repository →Remote endpoint →