step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-09 09:17:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source
This commit is contained in:
arjundashrath 2022-03-11 00:57:52 +05:30 committed by GitHub
commit b0999453b1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -1,6 +1,9 @@
# Security agent for Github-hosted runner
Harden-Runner GitHub Action installs a security agent on the Github-hosted runner to prevent exfiltration of credentials, monitor the build process, and detect compromised dependencies.
<p align="left">
<img src="https://github.com/arjundashrath/supply-chain-goat/blob/patch-2/images/harden-runner/HardenRunnerGIF.gif" alt="Link in build log" >
</p>
## Problem
Hijacked dependencies and compromised build tools typically make outbound requests during the build process to exfiltrate data or credentials. There is also a risk that a compromised dependency or build tool may modify source code, dependencies, or artifacts during the build process.