Weekly digest · public-receipt installs only

AntFleet · week ending 2026-05-25

Public activity from 2026-05-18 through 2026-05-25 UTC, pinned to this permalink.

91

reviews run

63

findings agreed

41

receipts closed

0

reactions observed

Top closures

3 of 3

securitycritical
Missing authentication/authorization on secret-management endpoints
repo 6f7fc663·PR #25·closed in 4b9b492
detail →
securitycritical
Unauthenticated endpoint can trigger GitHub Actions via gh CLI
repo 6f7fc663·PR #1·closed in 4b9b492
detail →
securitycritical
Missing authentication/authorization on secrets API exposes GitHub secret management to any caller
repo 6f7fc663·PR #3·closed in 4b9b492
detail →