You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/github-actions-opus-prompt.md
+2-1Lines changed: 2 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ Use this prompt with Opus 4.6 to assess your GitHub Actions workflows for compli
8
8
9
9
Please assess our GitHub Actions workflows for compliance with the NHSDigital GitHub Actions Security Best Practices (see docs/github-actions-best-practices.md).
10
10
11
-
- Review all workflow files in .github/workflows/ (*.yml, *.yaml).
11
+
- Review all workflow files in .github/workflows/ (`*.yml`, `*.yaml`).
12
12
- Identify any gaps or violations, including but not limited to:
13
13
- Actions not pinned to commit SHAs
14
14
- Missing or overly broad permissions blocks
@@ -21,6 +21,7 @@ Please assess our GitHub Actions workflows for compliance with the NHSDigital Gi
21
21
- Missing audit, monitoring, or CODEOWNERS controls
22
22
23
23
Please provide:
24
+
24
25
1. An investigation writeup summarizing the current state and any risks.
25
26
2. A list of remediation tickets for each gap found, with suggested actions.
0 commit comments