# zizmor

> Static analysis (SAST) for GitHub Actions workflows: template injection, dangerous triggers, credential persistence, and excessive permissions

- HTML version: https://robbiepalmer.me/technologies/zizmor
- Website: https://zizmor.sh

## Projects using this technology

- [Personal Site](https://robbiepalmer.me/projects/personal-site.md)
- [Recipe Site](https://robbiepalmer.me/projects/recipe-site.md)

## Architecture decision records

- [ADR 049: Zizmor & actionlint (GitHub Actions Security)](https://robbiepalmer.me/projects/personal-site/adrs/049-zizmor.md)

---

Markdown index of this site: https://robbiepalmer.me/llms.txt