Topic · Updated June 19, 2026
Workflow Security Checklist
Short answer
Workflow Security Checklist is a focused Workflow Trust topic for developers evaluating public workflow repositories. Start by inspecting source-visible repositories, reviewed workflow files, compatible agents, license signals, and maintenance evidence before running anything locally. The practical goal is not to certify a repository as safe, but to help readers decide whether it belongs in a reviewed workflow, pending review candidate, or hidden low-confidence bucket. For this topic, the main review concern is that shell, filesystem, credentials, browser, messaging, and external writes need explicit boundaries.
The central workflow security question is simple: what can this workflow touch, and who approves risky actions? Good pages answer that before asking a user to run anything.
Who this topic helps
- Developers evaluating public workflow repositories.
- Security reviewers checking agent permissions.
- Small teams preparing local agent workflows.
Start here
Use this page as a focused path into Workflow Trust. It groups source-visible workflow reviews, practical guides, and risk notes around one search intent instead of forcing readers through the full catalog first.
Related workflow reviews
GitHub source · review page Super-Linter Code Review Source Pattern
github/super-linter · 87 trust reviewdog Code Review Source Pattern
reviewdog/reviewdog · 86 trust MCP TypeScript SDK Code Review Source Pattern
modelcontextprotocol/typescript-sdk · 85 trust Incident Response Briefing
GitHub source · review page
Related guides
Risk notes
- Shell, filesystem, credentials, browser, messaging, and external writes need explicit boundaries.
- Untrusted inputs should never become direct commands.
- Human approval points should be visible in the review conclusion.
Related questions
- What are workflow security checklist?
- Which GitHub repositories are useful for workflow security checklist?
- What risks should be checked before using workflow security checklist?
Common search phrases
workflow security checklist, workflow security checklist GitHub source, workflow security checklist risk review, workflow security checklist compatible agents
FAQ
What is the fastest workflow security check?
List the execution surfaces, credential scopes, external writes, and human approval gates before running anything.
Does a high trust score certify safety?
No. A score is a discovery aid, not a security certification.