Compromised aquasecurity/trivy-action detected — introduced via Renovate digest update PR
Our automated platform at StepSecurity has detected that this repository ran a compromised version of aquasecurity/trivy-action during the recent Trivy supply chain incident. The compromised action was introduced via a Renovate digest update PR #1889, which updated the pinned SHA to a compromised commit. I have also manually confirmed that the affected workflow run indeed used the compromised action.
What happened?
The aquasecurity/trivy-action GitHub Action was compromised, and the attacker published new commits with malicious code. Renovate detected the new digest and created PR #1889 (chore(deps): update aquasecurity/trivy-action digest to 91e7c2c) on 2026-03-19 to update the pinned SHA to the compromised commit. The PR's CI workflow then executed the compromised action.
For more details on the incident, see StepSecurity Blog: Trivy Compromised a Second Time.
Compromised SHAs detected
- aquasecurity/trivy-action@91e7c2c36dcad14149d8e455b960af62a2ffb275 (0.33.1)
- aquasecurity/setup-trivy@e6c2c5e321ed9123bda567646e2f96565e34abe1
Affected workflow runs
| # | Workflow Run | Build Log (compromised step) |
|---|---|---|
| 1 | 23318022063 | View compromised action step |
Recommended actions
- Close PR #1889 immediately — it pins to a compromised SHA and must not be merged
- Configure `minimumReleaseAge` in your Renovate configuration to delay digest updates, ensuring that newly published commits have time to be vetted before Renovate proposes them. This would have prevented this incident
- Review the compromised workflow job run and identify if the job had access to any secrets. If yes, consider them exfiltrated and rotate them immediately
- Pin GitHub Actions to full-length commit SHAs to prevent future tag-based supply chain attacks. You can use StepSecurity Secure Repo to automatically pin GitHub Actions
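As an added check (not part of this issue or of StepSecurity's tooling), the script below scans a workflow file's `uses:` lines for the two compromised commits listed above and flags any action pinned to a tag rather than a full-length commit SHA. The sample workflow is constructed; its `actions/checkout` SHA is a placeholder.

```python
import re

# The two compromised commits named in this issue.
COMPROMISED = {
    "aquasecurity/trivy-action": {"91e7c2c36dcad14149d8e455b960af62a2ffb275"},
    "aquasecurity/setup-trivy": {"e6c2c5e321ed9123bda567646e2f96565e34abe1"},
}

# Matches `uses: owner/repo[/path]@ref`; local (./...) and docker:// uses are skipped.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([\w.-]+/[\w./-]+)@([^\s'\"#]+)", re.M)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (action, ref, finding) per `uses:` line.

    finding is 'compromised' (ref is a known-bad commit for that action),
    'tag-pinned' (ref is not a 40-hex commit SHA), or 'ok'.
    """
    findings = []
    for m in USES_RE.finditer(text):
        action, ref = m.group(1), m.group(2)
        owner_repo = "/".join(action.split("/")[:2])  # drop any subpath
        if ref in COMPROMISED.get(owner_repo, set()):
            findings.append((action, ref, "compromised"))
        elif not SHA_RE.match(ref):
            findings.append((action, ref, "tag-pinned"))
        else:
            findings.append((action, ref, "ok"))
    return findings


# Constructed sample workflow; the checkout SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: [pull_request]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # placeholder
      - uses: aquasecurity/setup-trivy@e6c2c5e321ed9123bda567646e2f96565e34abe1
      - uses: aquasecurity/trivy-action@91e7c2c36dcad14149d8e455b960af62a2ffb275 # 0.33.1
        with:
          scan-type: fs
      - uses: actions/upload-artifact@v4
"""

if __name__ == "__main__":
    for action, ref, finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{finding:12} {action}@{ref}")
```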