feat: Add GitHub Actions CI/CD workflow #189
Security Issues Found
Found 11 security issues that require attention
Details
Kusari Analysis Results:
Caution
Flagged Issues Detected
These changes contain flagged issues that may introduce security risks.
While dependency analysis shows no concerning changes, code analysis reveals 11 high-severity security vulnerabilities in GitHub Actions workflows that pose critical risks. The primary concerns are workflow_run triggers across 4 workflows that create attack vectors for malicious code execution, and unpinned GitHub Actions that expose the repository to supply chain attacks. These vulnerabilities could compromise the entire repository and must be remediated before the PR can be safely merged. Specific mitigations have been provided for replacing unsafe triggers and pinning all GitHub Actions to commit hashes.
Note
View full detailed analysis result for more information on the output and the checks that were run.
@kusari-inspector rerun - Trigger a re-analysis of this PR
@kusari-inspector feedback [your message] - Send feedback to our AI and team
See Kusari's documentation for setup and configuration.
Commit: d0da0b6, performed at: 2025-11-10T23:22:06Z