Composite Actions

All Argus scanner and utility actions. Each is self-contained and usable independently.

🤖 AI & Reporting

| Action | Description |
| --- | --- |
| ai-summary | Generates an AI-powered executive security summary from aggregated Argus scanner results |

✅ Code Quality & Linting

| Action | Description |
| --- | --- |
| linter-dockerfile | Run Dockerfile linting using Hadolint |
| linter-javascript | Run JavaScript code quality checks using syntax validation and JSHint |
| linter-json | Run JSON validation and syntax checking |
| linter-python | Run Python code quality checks using flake8 and bandit |
| linter-terraform | Run Terraform formatting and validation checks |
| linter-yaml | Run yamllint for YAML file validation and style checking |
| linting-summary | Aggregate all linter results into a unified report |

📦 Container Security

| Action | Description |
| --- | --- |
| parse-container-config | Parses a container-config YAML/JSON file and outputs a GitHub Actions matrix |
| scanner-container | Run container security scanning with Trivy, Grype, and Syft using official published actions |
| scanner-container-summary | Combines results from parallel container scans (matrixed by container+scanner) into a unified summary |
| scanner-syft | Generate Software Bill of Materials (SBOM) using Syft |

🕷️ DAST

| Action | Description |
| --- | --- |
| parse-zap-config | Parses a ZAP DAST config file (YAML/JSON/JS) and outputs a GitHub Actions matrix |
| scanner-zap | Run ZAP (Zed Attack Proxy) DAST scanning and generate reports |
| scanner-zap-summary | Generates combined summary from ZAP DAST scan results |

🔍 SAST

| Action | Description |
| --- | --- |
| scanner-bandit | Run Bandit security scanner on Python code and generate reports |
| scanner-codeql | Run CodeQL SAST analysis for a single language and generate reports |
| scanner-opengrep | Run OpenGrep SAST analysis and generate reports |

🏗️ Infrastructure Security

| Action | Description |
| --- | --- |
| scanner-checkov | Run Checkov infrastructure-as-code scanning and generate reports |
| scanner-trivy-iac | Run Trivy infrastructure-as-code scanning and generate reports |

🛡️ Malware Detection

| Action | Description |
| --- | --- |
| scanner-clamav | Run ClamAV malware scanning and generate reports |

🔗 Dependency Scanning

| Action | Description |
| --- | --- |
| scanner-dependency-review | Run GitHub's dependency-review-action for PR-based dependency vulnerability |
| scanner-osv | Run Google OSV-Scanner for dependency vulnerability scanning |

🔑 Secrets Detection

| Action | Description |
| --- | --- |
| scanner-gitleaks | Run Gitleaks secrets detection and generate reports |

📋 Compliance & Change Control

| Action | Description |
| --- | --- |
| scn-detector | Analyzes Infrastructure as Code files for significant changes, classifies them according to a configurable profile |

⚙️ Utility & Reporting

| Action | Description |
| --- | --- |
| security-summary | Aggregate all security scan results into a unified report |