Windows Package Index — Powered by Winget

zizmor

1.24.1 MIT by William Woodruff

Static analysis for GitHub Actions.

Install via Winget

winget install zizmor.zizmor

Open Windows Terminal or PowerShell and run the command above. Winget is built into Windows 10 (1809+) and Windows 11.

About zizmor

zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups, including: - Template injection vulnerabilities, leading to attacker-controlled code execution - Accidental credential persistence and leakage - Excessive permission scopes and credential grants to runners - Impostor commits and confusable git references - ...and much more!

Tags

github-actionssecuritysecurity-toolsstatic-analysis

Frequently Asked Questions

How do I install zizmor using winget?
Open Windows Terminal or PowerShell and run: winget install zizmor.zizmor. Winget is built into Windows 10 (1809+) and Windows 11.
What is zizmor?
Static analysis for GitHub Actions.
Is zizmor free to download?
zizmor is available under the MIT license. Use the winget command or the direct download link on this page.
How do I update zizmor with winget?
Run winget upgrade zizmor.zizmor in Windows Terminal or PowerShell to update zizmor to the latest available version.