Repository that demonstrates how an attacker may change repository settings using a leaked GitHub token.
Minder will safe the day by actively monitoring the repository settings and enforce security best practices.
- Branch Protection disallows force pushes
- Branch Protection dismisses stale reviews
- GitHub Actions workflows have limited perm
- Secret Scanning is enabled
- Secret push protection is enabled
The organization's audit log shows when Minder was active.