COOEY // HUBcompliance · community · intelligence

FAIL › dossier

tj-actions vendor

1
failure events
0
zero-days
0
RCEs
1
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 1 events

DateEventSevFlagsShameSummary
2025-03-18 CVE-2025-30066 high ⌖KEV 50 tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may include, but are not limited to, valid AWS access keys, GitHub personal access tok