gha-security-review

Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.

SkillJury keeps community verdicts, source metadata, and external repository signals in separate lanes so ranking data never pretends to be a review.

SkillJury verdict
Pending

No approved reviews yet

Would recommend
Pending

Waiting on enough review volume

Install signal
1

Weekly or total install activity from catalog data

0 review requests
Install command
npx skills add https://github.com/getsentry/skills --skill gha-security-review
SkillJury does not have enough approved reviews to publish a community verdict yet. Source metadata and repository proof are still available above.
SkillJury Signal Summary

As of Apr 30, 2026, gha-security-review has 1 weekly install and 0 community reviews on SkillJury. Community votes currently stand at 0 upvotes and 0 downvotes. Source: getsentry/skills. Canonical URL: https://skills.sh/getsentry/skills/gha-security-review.

Security audits
Gen Agent Trust Hub: PASS
Socket: WARN
Snyk: FAIL
About this skill
Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it. This skill encodes attack patterns from real GitHub Actions exploits — not generic CI/CD theory. Review the workflows provided (file, diff, or repo). Research the codebase as needed to trace complete attack paths before reporting. Only report vulnerabilities exploitable by an external attacker — someone without write access to the repository. The attacker can open PRs from forks, create issues, and post comments. They cannot push to branches, trigger workflow_dispatch, or trigger manual workflows.

Source description provided by the upstream listing. Community review signal and install context stay separate from this narrative layer.

Community reviews

Latest reviews

No community reviews yet. Be the first to review.

FAQ
What does gha-security-review do?

Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.

Is gha-security-review good?

gha-security-review does not have approved reviews yet, so SkillJury cannot publish a community verdict.

Which AI agents support gha-security-review?

gha-security-review currently lists compatibility with Claude Code, Cursor, and Skills CLI.

Is gha-security-review safe to install?

gha-security-review has been scanned by security audit providers tracked on SkillJury. Check the security audits section on this page for detailed results from Socket.dev and Snyk.

What are alternatives to gha-security-review?

Skills in the same category include grimoire-morpho-blue, conversation-memory, second-brain-ingest, zai-tts.

How do I install gha-security-review?

Run the following command to install gha-security-review: npx skills add https://github.com/getsentry/skills --skill gha-security-review
