{"skill":{"slug":"github-actions-cache-hardening-audit","displayName":"GitHub Actions Cache Hardening Audit","summary":"Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks.","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":276,"installsAllTime":1,"installsCurrent":1,"stars":0,"versions":1},"createdAt":1772935613370,"updatedAt":1777525723794},"latestVersion":{"version":"1.0.0","createdAt":1772935613370,"changelog":"Initial release of github-actions-cache-hardening-audit.\n\n- Audits GitHub Actions workflow cache usage for risks like cache poisoning, improper keying, and secret-path exposure.\n- Checks for insecure usage patterns, including untrusted triggers, weak cache keys, dangerous restore-keys, and sensitive paths.\n- Supports customizable input options for file selection, output format (text or JSON), and risk thresholds.\n- Can be configured to fail CI on detection of critical cache risks.\n- Provides clear summary reports for flagged and critical workflows.","license":null},"metadata":{"os":null,"systems":null},"owner":{"handle":"daniellummis","userId":"publishers:daniellummis","displayName":"Daniel Lummis","image":"https://avatars.githubusercontent.com/u/65238171?v=4"},"moderation":null}