Security scanner for AI agent skills. Detect dangerous patterns before they reach production.
- π‘οΈ 69+ detection patterns β shell injection, credential theft, filesystem access, network exfiltration
- β‘ Fast β scans in seconds, not minutes
- π§ Configurable β fail on WARN, DANGER, or never
- π Rich output β detailed findings with line numbers
name: Security Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: counterspec/isnad-scan-action@v1
with:
path: './skills'
fail-on: 'DANGER'
| Input |
Description |
Default |
path |
Path to scan |
. |
fail-on |
Fail on trust level (WARN, DANGER, never) |
DANGER |
verbose |
Show verbose output |
false |
| Output |
Description |
trust-level |
Result: SAFE, WARN, or DANGER |
findings-count |
Number of security findings |
report |
Full scan report |
Example: Comment on PR
- uses: counterspec/isnad-scan-action@v1
id: scan
with:
path: './skills'
fail-on: 'never' # Don't fail, just report
- name: Comment on PR
if: github.event_name == 'pull_request'
uses: actions/github-script@v7
with:
script: |
const trustLevel = '${{ steps.scan.outputs.trust-level }}';
const emoji = trustLevel === 'SAFE' ? 'β
' : trustLevel === 'WARN' ? 'β οΈ' : 'π¨';
github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
body: `## ${emoji} ISNAD Security Scan\n\n**Trust Level:** ${trustLevel}\n**Findings:** ${{ steps.scan.outputs.findings-count }}\n\n\`\`\`\n${{ steps.scan.outputs.report }}\n\`\`\``
});
| Level |
Description |
| β
SAFE |
No concerning patterns detected |
| β οΈ WARN |
Patterns that need review (env access, file writes) |
| π¨ DANGER |
High-risk patterns (shell exec, credential access, network calls) |
Built by ISNAD Protocol β Trust infrastructure for AI agents.
