Crawls all GitHub workflow files across the org and flags actions that are unpinned, out of date, or explicitly forbidden—then reports the exact SHA and fix needed.
Best for: Engineering leads or security teams managing supply-chain risk in CI/CD pipelines.
Creator's repository · bitwarden/ai-plugins
License: NOASSERTION