A data-driven analysis of GitHub Actions security vulnerabilities across PyPI packages, based on scanning 152,000 repositories with the zizmor static analyser. Key findings: 102,000 repos have excessive permissions, 86,000 have unpinned action references, 44,000 still use stored API tokens instead of trusted publishing, and 21,000 have template injection vulnerabilities. The post documents 10 real supply chain incidents from Nov 2024 to May 2026, six resulting in malicious wheels on PyPI. It explains how attack chains combine misconfigurations (pull_request_target, cache poisoning, template injection) and provides concrete hardening steps: migrate to trusted publishing with deployment environments, pin all actions to commit SHAs, restrict permissions explicitly, isolate publish jobs, and integrate zizmor as a blocking CI check.

18m read time. From nesbitt.io
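A simplified, line-based check for several of the misconfigurations counted above (unpinned action references, no explicit permissions, `pull_request_target`, template expressions expanded inside `run:` scripts). This is an added example, not code from the original post or from zizmor, which parses the YAML properly and covers far more cases; the sample workflow, `example-org/setup-tool`, and the rule labels are constructed for illustration.

```python
import re
# Constructed sample workflow, not taken from any real repository.
SAMPLE_WORKFLOW = """\
on: pull_request_target
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/setup-tool@0123456789abcdef0123456789abcdef01234567
      - run: echo "Title ${{ github.event.pull_request.title }}"
      - env:
          TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "$TITLE"
          echo "${{ github.head_ref }}"
"""

USES_RE = re.compile(r"\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
RUN_RE = re.compile(r"(\s*(?:-\s*)?)run:")
SHA_RE = re.compile(r"@[0-9a-f]{40}$")
# Contexts an outside contributor can influence, expanded before the shell runs.
EXPR_RE = re.compile(r"\$\{\{\s*github\.(?:event\.|head_ref)[^}]*\}\}")

def audit_workflow(text):
    """Return (line_number, rule, detail) findings in line order."""
    lines, findings = text.splitlines(), []
    # Only a top-level block is checked; job-level blocks are ignored here.
    if not any(line.startswith("permissions:") for line in lines):
        findings.append((0, "no-permissions-block", "token keeps default scopes"))
    run_indent = None  # column of the enclosing `run:` key, if inside one
    for n, line in enumerate(lines, 1):
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if stripped and run_indent is not None and indent <= run_indent:
            run_indent = None  # left the run block
        if not stripped or (run_indent is None and stripped.startswith("#")):
            continue  # blank line, or YAML comment outside a script body
        if re.search(r"\bpull_request_target\b", line):
            findings.append((n, "dangerous-trigger", "pull_request_target"))
        uses, run = USES_RE.match(line), RUN_RE.match(line)
        if uses and not uses.group(1).startswith(("./", "docker://")) \
                and not SHA_RE.search(uses.group(1)):
            findings.append((n, "unpinned-uses", uses.group(1)))
        if run:
            run_indent = len(run.group(1))
        expr = EXPR_RE.search(line) if run_indent is not None else None
        if expr:
            findings.append((n, "template-injection", expr.group(0)))
    return findings
```

The `env:` mapping on sample line 10 is not flagged: passing the value through an environment variable and quoting it in the script keeps it out of the text the shell parses.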