Action-locker: pin, verify, and vendor GHAs
52
SCORE
Action-locker is a tool for securing GitHub Actions workflows by pinning actions to specific commit SHAs, verifying their integrity, and vendoring them into the repository. It helps prevent supply chain attacks caused by mutable action tags or compromised third-party actions. The tool is designed for teams that want stricter control over the external actions used in their CI/CD pipelines.
Sources (1)
Show HN
2 PTS
Score Breakdown
Traction
raw 3.00 · weight 35%
7.0pts
Novelty
0 days old · weight 20%
20.0pts
Source diversity
1 source · weight 10%
3.3pts
AI quality
raw 62.00 · weight 35%
21.7pts
Addresses a real supply chain security need for GitHub Actions, but competes with established tools like Renovate and StepSecurity's Harden-Runner.
Final Score52/100
Similar Products
aur-malware-check
84
SCORE
security-audit-skill
82
SCORE
Perfai Security
77
SCORE
AgentKey
76
SCORE
Constellation Gate AI
67
SCORE
TailMux
62
SCORE
← ALL PRODUCTS© 2026 MARKETHUNT