Install via winget
click to copy
winget install zizmor.zizmor
About zizmor
zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups, including: - Template injection vulnerabilities, leading to attacker-controlled code execution - Accidental credential persistence and leakage - Excessive permission scopes and credential grants to runners - Impostor commits and confusable git references - ...and much more!
Package ID
zizmor.zizmor
Version
1.24.1
Publisher
William Woodruff
License
MIT
Installer
zip
Architecture
x64
Tags
Frequently Asked Questions
How do I install zizmor using winget?
Open PowerShell or Windows Terminal and run:
winget install zizmor.zizmor. Winget ships with Windows 10 (1809+) and Windows 11.What is zizmor?
Static analysis for GitHub Actions.
Is zizmor free to download?
zizmor is distributed under the MIT license. Use the winget command above or the download button to get it directly from the publisher.
How do I update zizmor with winget?
Run
winget upgrade zizmor.zizmor in PowerShell or Windows Terminal to update to the latest available version.How do I uninstall zizmor?
Run
winget uninstall zizmor.zizmor to remove zizmor from your system.