Skip to content

underdog-tech/vulnbot-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

VulnBot for GitHub Actions

GitHub Action for running VulnBot.

Usage

name: Weekly VulnBot scan
on:
  schedule:
    - cron: "0 0 * * 0"
  workflow_dispatch:
    ...
jobs:
  run-vulnbot:
    runs-on: ubuntu-latest
    name: Vulnbot Report
    steps:
    - uses: underdog-tech/vulnbot-action@v1
      with:
         config: "config/config.toml"
         slack_auth_token: ${{ secrets.SLACK_AUTH_TOKEN }}
         github_token: ${{ secrets.GITHUB_TOKEN }}
         github_org: ${{ secrets.GITHUB_ORG }}

Input variables

See the action.yml file for more detail information.

  • config: Path that specifies the ecosystems for which the VulnBot will be reporting vulnerabilities.
  • slack_auth_token: Represents the Slack authentication token that allows the VulnBot to access and post messages to a Slack channel.
  • github_token: Access token that allows the VulnBot to interact with the GitHub API.
  • github_org: Refers to the GitHub organization that the repository belongs to.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 8

v1.0.1 Latest
Mar 9, 2026
+ 7 releases

Packages

 
 
 

Contributors

Languages