{"id":"89d11e8e-5410-41f9-b131-12f74169483f","shortId":"FenTL7","kind":"skill","title":"Harden-Runner CI/CD Security Agent for GitHub Actions","tagline":"Harden-Runner by StepSecurity is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity in real-time, detecting supply chain attacks such as the tj-actions and Codecov compromises.","description":"# Harden-Runner CI/CD Security Agent for GitHub Actions\n\nHarden-Runner by StepSecurity is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity in real-time, detecting supply chain attacks such as the tj-actions and Codecov compromises.\n\n## Installation\n\nRequirements and caveats from upstream:\n- [Harden-Runner Flagged an Anomalous Outbound Call, Leading to a Docker Documentation Update](https://www.stepsecurity.io/blog/harden-runner-flags-anomalous-outbound-call-leading-to-docker-documentation-update)\n\nBasic usage or getting-started notes:\n- [Getting Started Guide](#getting-started)\n- This guide walks you through the steps to set up and use Harden-Runner in your CI/CD workflows. For more details, refer to the [official documentation](https://docs.stepsecurity.io/harden-runner).\n- ### **Step 1: Add Harden-Runner to Your Workflow**\n\n- Source: https://github.com/step-security/harden-runner\n- Extracted from upstream docs: https://raw.githubusercontent.com/step-security/harden-runner/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/harden-runner-cicd-security-agent-github-actions/)","tags":["harden","runner","cicd","security","agent","github","actions","skills","agentskillexchange","agent-skills","ai-agents","ai-tools"],"capabilities":["skill","source-agentskillexchange","skill-harden-runner-cicd-security-agent-github-actions","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/harden-runner-cicd-security-agent-github-actions","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,219 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:10:50.021Z","embedding":null,"createdAt":"2026-05-18T13:17:02.616Z","updatedAt":"2026-05-18T19:10:50.021Z","lastSeenAt":"2026-05-18T19:10:50.021Z","tsv":"'/blog/harden-runner-flags-anomalous-outbound-call-leading-to-docker-documentation-update)':131 '/harden-runner).':174 '/skills/harden-runner-cicd-security-agent-github-actions/)':201 '/step-security/harden-runner':187 '/step-security/harden-runner/head/readme.md':194 '1':176 'action':9,27,51,63,81,105 'activ':37,91 'add':177 'agent':6,19,60,73,196 'agentskillexchange.com':200 'agentskillexchange.com/skills/harden-runner-cicd-security-agent-github-actions/)':199 'anomal':120 'attack':45,99 'basic':132 'call':122 'caveat':112 'chain':44,98 'ci/cd':4,17,58,71,162 'codecov':53,107 'compromis':54,108 'detail':166 'detect':42,96 'doc':191 'docker':126 'docs.stepsecurity.io':173 'docs.stepsecurity.io/harden-runner).':172 'document':127,171 'edr':24,78 'egress':32,86 'exchang':198 'extract':188 'file':33,87 'flag':118 'get':136,139,143 'getting-start':135,142 'github':8,26,62,80 'github.com':186 'github.com/step-security/harden-runner':185 'guid':141,146 'harden':2,11,56,65,116,158,179 'harden-runn':1,10,55,64,115,157,178 'instal':109 'integr':34,88 'lead':123 'like':22,76 'monitor':30,84 'network':31,85 'note':138 'offici':170 'outbound':121 'process':36,90 'raw.githubusercontent.com':193 'raw.githubusercontent.com/step-security/harden-runner/head/readme.md':192 'real':40,94 'real-tim':39,93 'refer':167 'requir':110 'runner':3,12,28,57,66,82,117,159,180 'secur':5,18,59,72 'set':153 'skill':197 'skill-harden-runner-cicd-security-agent-github-actions' 'sourc':184,195 'source-agentskillexchange' 'start':137,140,144 'step':151,175 'stepsecur':14,68 'suppli':43,97 'time':41,95 'tj':50,104 'tj-action':49,103 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'updat':128 'upstream':114,190 'usag':133 'use':156 'walk':147 'work':21,75 'workflow':163,183 'www.stepsecurity.io':130 'www.stepsecurity.io/blog/harden-runner-flags-anomalous-outbound-call-leading-to-docker-documentation-update)':129","prices":[{"id":"29d15bc2-0f6e-4a05-a5ee-5b7b230a80a4","listingId":"89d11e8e-5410-41f9-b131-12f74169483f","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:17:02.616Z"}],"sources":[{"listingId":"89d11e8e-5410-41f9-b131-12f74169483f","source":"github","sourceId":"agentskillexchange/skills/harden-runner-cicd-security-agent-github-actions","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/harden-runner-cicd-security-agent-github-actions","isPrimary":false,"firstSeenAt":"2026-05-18T13:17:02.616Z","lastSeenAt":"2026-05-18T19:10:50.021Z"}],"details":{"listingId":"89d11e8e-5410-41f9-b131-12f74169483f","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"harden-runner-cicd-security-agent-github-actions","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"a1c6efdf454c59f419e6af8e1b9df401edda95ed","skill_md_path":"skills/harden-runner-cicd-security-agent-github-actions/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/harden-runner-cicd-security-agent-github-actions"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Harden-Runner CI/CD Security Agent for GitHub Actions","description":"Harden-Runner by StepSecurity is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity in real-time, detecting supply chain attacks such as the tj-actions and Codecov compromises."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/harden-runner-cicd-security-agent-github-actions"},"updatedAt":"2026-05-18T19:10:50.021Z"}}