AUTO-PUBLISHED/pypi/
pipeline-check@1.1.0
by Daniel Martin
CI/CD Security Posture Scanner — scores AWS, Terraform, CloudFormation, GitHub Actions, GitLab CI, Azure DevOps, Bitbucket Pipelines, Jenkins, CircleCI, Google Cloud Build, Buildkite, Drone CI, Tekton, Argo Workflows, Dockerfile, Kubernetes manifests, Helm charts, OCI image manifests, SCM repo posture (GitHub / GitLab / Bitbucket), npm and pypi dependency files against OWASP Top 10 CI/CD Risks and 14 other compliance frameworks
steals → npm token, GitHub PAT, GitLab PAT, AI API keys
py-pip-install-runtime, reads-github-tokens, reads-gitlab-tokens
