THE SUPPLY CHAIN ATTACK HIDING IN YOUR SUPPLY CHAIN AUDITOR
Transitive Action Dependencies
The Trivy attack did not just compromise trivy-action. It spread to setup-trivy as a transitive dependency. No existing tool scanned the full dependency tree of GitHub Actions, and SHA pinning only the top-level action was insufficient to prevent the compromise.
The invisible dependency chain
GitHub Actions reference other actions in their action.yaml files via uses: directives. This creates dependency chains that are invisible to the workflow author. You pin the top-level action to a SHA, but the actions it depends on may still use mutable tags.
How the Trivy compromise propagated
1. Your workflow
References trivy-action@v1 to scan container images for vulnerabilities.
2. trivy-action@v1
Internally references setup-trivy@v1 in its action.yaml via a uses: directive.
3. setup-trivy@v1
Downloads and installs the Trivy binary. When trivy-action was compromised, setup-trivy pulled the malicious binary.
4. Compromised binary
The credential-stealing payload (sysmon.py, pgmon) executes inside your CI runner with full access to secrets.
Why top-level SHA pinning is not enough
Even if you SHA-pin trivy-action@abc123 in your workflow, that pinned version of trivy-action may internally reference setup-trivy@v1 using a mutable tag. When the attacker compromises setup-trivy, your pinned trivy-action still pulls the malicious code. The entire dependency tree needs to be resolved and pinned.
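To make the resolution step concrete, here is an added example (written for this page, not OpenSyber's scanner or any Trivy project code) that walks uses: references through a chain of action.yml files and flags every mutable tag or branch at any depth. The action.yml contents, repository names (example/scan-action, example/setup-scanner) and commit SHAs are constructed for the example; the fetch callable is a stand-in for downloading the file from the repository at the referenced ref.

```python
import re
from dataclasses import dataclass
from typing import Callable

# A ref is immutable only when it is a full 40-hex commit SHA; tags and
# branches (v1, main) can be moved by whoever controls the repository.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches "uses: owner/repo@ref" inside the steps of a composite action.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")

# Constructed action.yml contents keyed by the exact uses: string.
# Repository names, SHAs and file contents are invented for this example;
# they are not the real trivy-action or setup-trivy files.
SAMPLE_ACTIONS = {
    "example/scan-action@0123456789abcdef0123456789abcdef01234567": """
name: scan-action
runs:
  using: composite
  steps:
    - uses: example/setup-scanner@v1
    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
    - run: scanner image "${{ inputs.image }}"
      shell: bash
""",
    "example/setup-scanner@v1": """
name: setup-scanner
runs:
  using: composite
  steps:
    - uses: actions/setup-go@main
    - uses: docker://alpine:3.19
    - uses: ./.github/actions/local-helper
""",
    "actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608":
        "name: checkout\nruns:\n  using: node20\n  main: dist/index.js\n",
    "actions/setup-go@main":
        "name: setup-go\nruns:\n  using: node20\n  main: dist/index.js\n",
}


def sample_fetch(ref: str) -> str:
    """Stand-in for downloading action.yml (or action.yaml) at `ref`.
    A real resolver would fetch it from the repository at that ref."""
    return SAMPLE_ACTIONS.get(ref, "")


@dataclass(frozen=True)
class Finding:
    ref: str      # the uses: string exactly as written in action.yml
    depth: int    # 1 = referenced directly by the top-level action
    chain: tuple  # actions leading from the top-level action to this ref
    pinned: bool  # True only for a 40-hex commit SHA


def parse_uses(action_yml: str) -> list:
    """Extract every uses: target from a composite action's steps."""
    return [m.group(1) for m in map(USES_RE.match, action_yml.splitlines()) if m]


def is_remote_action(ref: str) -> bool:
    """docker:// images and local ./paths are not GitHub Action references."""
    return not (ref.startswith("docker://") or ref.startswith("./") or ref == ".")


def is_sha_pinned(ref: str) -> bool:
    _, _, version = ref.rpartition("@")
    return bool(SHA_RE.match(version))


def resolve_tree(top_ref: str, fetch: Callable[[str], str], chain=(), seen=None) -> list:
    """Depth-first walk of uses: references; each action is expanded once."""
    seen = {top_ref} if seen is None else seen
    path = chain + (top_ref,)
    findings = []
    for child in parse_uses(fetch(top_ref)):
        if not is_remote_action(child):
            continue
        findings.append(Finding(child, len(path), path, is_sha_pinned(child)))
        if child in seen:
            continue  # cycle or shared dependency already expanded
        seen.add(child)
        findings.extend(resolve_tree(child, fetch, path, seen))
    return findings


def audit(top_ref: str, fetch: Callable[[str], str] = sample_fetch) -> dict:
    """Group findings so a workflow author sees mutable refs at any depth."""
    findings = resolve_tree(top_ref, fetch)
    return {
        "pinned": [f.ref for f in findings if f.pinned],
        "mutable": [f.ref for f in findings if not f.pinned],
        "max_depth": max((f.depth for f in findings), default=0),
    }


if __name__ == "__main__":
    top = "example/scan-action@0123456789abcdef0123456789abcdef01234567"
    for f in resolve_tree(top, sample_fetch):
        state = "pinned " if f.pinned else "MUTABLE"
        print(f"{state} depth={f.depth} {' -> '.join(f.chain)} -> {f.ref}")
```

Running the script against the constructed tree shows the situation the paragraph describes: the workflow's own reference is SHA-pinned, yet the resolver reports example/setup-scanner@v1 at depth 1 and actions/setup-go@main at depth 2 as mutable, so whoever controls either tag can change what the pinned top-level action executes. Pinning is only complete once every reference in the tree is a commit SHA.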
How OpenSyber solves this
OpenSyber's Transitive Action Scanner resolves the full dependency graph of every GitHub Action in your workflows. It follows uses: references through every action.yaml, identifies mutable tags at any depth, and SHA-pins the entire tree. It is the first product to offer transitive action scanning.
Install the Transitive Action Scanner skill.
Resolve the full dependency graph of your GitHub Actions and SHA-pin every transitive dependency.
Start free →