Search

github.blog › ai-and-ml › generative-ai

Under the hood: Security architecture of GitHub Agentic Workflows

… Agentic workflows execute as GitHub Actions, in which components share a single trust domain on top of the runner VM. In that model, sensitive material like agent authentication tokens and MCP server API keys reside in environment variables and configuration files visible to all processes in the VM. …

Mar 9, 2026 · Landon Cox, Jiaxiao Zhou

github.blog › security

How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework

… It turns out the suspected finding is in the micro-services based setup of Rocket.Chat. In that particular setup, Rocket.Chat exposes its user account service via its DDP Streamer service. …

Mar 6, 2026 · Man Yue Mo, Peter Stöckli