Security scanner for AI agent skills. Detect dangerous patterns before they reach production.
- π‘οΈ 69+ detection patterns β shell injection, credential theft, filesystem access, network exfiltration
- β‘ Fast β scans in seconds, not minutes
- π§ Configurable β fail on WARN, DANGER, or never
- π Rich output β detailed findings with line numbers
name: Security Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: counterspec/isnad-scan-action@v1
with:
path: './skills'
fail-on: 'DANGER'| Input | Description | Default |
|---|---|---|
path |
Path to scan | . |
fail-on |
Fail on trust level (WARN, DANGER, never) |
DANGER |
verbose |
Show verbose output | false |
| Output | Description |
|---|---|
trust-level |
Result: SAFE, WARN, or DANGER |
findings-count |
Number of security findings |
report |
Full scan report |
- uses: counterspec/isnad-scan-action@v1
id: scan
with:
path: './skills'
fail-on: 'never' # Don't fail, just report
- name: Comment on PR
if: github.event_name == 'pull_request'
uses: actions/github-script@v7
with:
script: |
const trustLevel = '${{ steps.scan.outputs.trust-level }}';
const emoji = trustLevel === 'SAFE' ? 'β
' : trustLevel === 'WARN' ? 'β οΈ' : 'π¨';
github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
body: `## ${emoji} ISNAD Security Scan\n\n**Trust Level:** ${trustLevel}\n**Findings:** ${{ steps.scan.outputs.findings-count }}\n\n\`\`\`\n${{ steps.scan.outputs.report }}\n\`\`\``
});| Level | Description |
|---|---|
| β SAFE | No concerning patterns detected |
| Patterns that need review (env access, file writes) | |
| π¨ DANGER | High-risk patterns (shell exec, credential access, network calls) |
Built by ISNAD Protocol β Trust infrastructure for AI agents.