Using zizmor - SethBodine/audit-tools GitHub Wiki

Using zizmor

zizmor is a static analysis tool for GitHub Actions workflows. It analyses workflow YAML files for security vulnerabilities without executing them, requiring no cloud credentials or network access. It finds a wide range of issues including template injection vulnerabilities, accidental credential leakage, excessive permission grants, and use of untrustworthy action references.

  • Analyses GitHub Actions workflow files for security vulnerabilities
  • Finds template injection, credential persistence, excessive permissions, and unpinned actions
  • Works entirely offline against local files — no cloud credentials needed
  • Can optionally use the GitHub API to resolve action references online
  • Outputs to plain text, JSON, and SARIF
  • 3.5k stars, 65+ releases, actively maintained

What zizmor Looks For

  • Template injection — untrusted input (e.g. github.event.pull_request.title) used directly in run: steps, which can lead to code execution
  • Credential persistence — secrets or tokens accidentally written to logs or environment variables
  • Excessive permissions — workflows or jobs granted more permissions than needed
  • Impostor commits — actions referenced by mutable tags or branch names rather than pinned commit SHAs
  • Confusable references — action names that could be confused with similar typosquat names
  • See the full audit list for all checks

Prepare the Environment

No additional setup is required; zizmor is run directly from the shell.

Gather Data

Scan a Single Workflow File

zizmor <path-to-workflow.yml>
zizmor .github/workflows/build.yml

Scan All Workflows in a Repository

zizmor .                               # scans .github/workflows/ in current directory
zizmor <path-to-repo>

Scan with GitHub API (resolves action references online)

Providing a token allows zizmor to verify action pinning against the GitHub API:

export GITHUB_TOKEN=<your-token>
zizmor --gh-token "$GITHUB_TOKEN" .

The token only requires public repo read access. No write permissions are needed.

Filter by Severity

zizmor --min-severity medium .         # only medium and above
zizmor --min-severity high .           # only high and critical

Filter by Confidence

zizmor --min-confidence high .

Output Formats

zizmor --format json . > /output/zizmor-results.json
zizmor --format sarif . > /output/zizmor-results.sarif

Ignore Specific Rules

zizmor --no-default-filters --pedantic .     # show everything including low-confidence

To suppress a specific finding inline, add a comment to the workflow file:

- name: Some step
  run: echo "${{ github.event.pull_request.title }}" # zizmor: ignore[template-injection]

Or create a .zizmor.yml config file to suppress rules project-wide:

rules:
  template-injection:
    ignore:
      - build.yml          # ignore the rule for a whole workflow file
      - build.yml:42       # ignore only a specific line
      - build.yml:42:7     # ignore only a specific line and column

Exit Codes

# zizmor exits non-zero if findings are present — useful in CI
zizmor . && echo "Clean" || echo "Issues found"

Known Issues

  • zizmor analyses workflow syntax statically and cannot evaluate runtime conditions. Some findings may not be exploitable in practice due to branch protection or other controls — review each finding in context.
  • Without a GitHub token, action references are checked against locally available information only. Pinning checks are most accurate with --gh-token.

Additional Information

⚠️ **GitHub.com Fallback** ⚠️