GitHub Actions

Here you'll get instructions and learn best practices for using Palisade in GitHub Actions.

Palisade in GitHub Actions

Palisade is available as a GitHub Action, enabling seamless integration of automated model security scanning into CI/CD workflows. This ensures that security checks are executed alongside code and artifact builds, providing consistent and repeatable model validation across repositories without the need for additional infrastructure or custom scripting.

Why GitHub Marketplace Matters

GitHub Actions is the backbone of modern CI/CD. By publishing Palisade on the Marketplace, teams can:

  • Add model security scanning with a single workflow step.

  • Keep security checks close to code and artifacts.

  • Enforce consistent model validation across repositories.

  • Avoid custom CI glue or bespoke scripts.

No new infrastructure. No additional services.

Key Features in the GitHub Action

  • Blazing Fast – Scan 70B+ parameter models without running out of memory (OOM), powered by a Rust core.

  • Pickle RCE Protection – Prevents unsafe deserialization exploits.

  • Native CI/CD Integration – Drop‑in Action for GitHub workflows.

  • Behavioral Detection (BETA) – Identifies fine-tuning attacks missed by static analysis.

  • Supply Chain Verification – Sigstore signatures, SLSA provenance, ML BOM generation.

  • Multiple Output Formats – Plain text, JSON, and SARIF for enterprise tooling & Code Scanning.

How to use in GitHub Actions

Replace <path-to-model> with the directory containing your model or artifact.

Results can be emitted in plain text, JSON, or SARIF 2.1.0.
