# GitHub Actions

### Palisade in GitHub Actions

Palisade is available as a GitHub Action, enabling seamless integration of automated model security scanning into CI/CD workflows. This ensures that security checks are executed alongside code and artifact builds, providing consistent and repeatable model validation across repositories without the need for additional infrastructure or custom scripting.

#### Why GitHub Marketplace Matters

GitHub Actions is the backbone of modern CI/CD. By publishing Palisade on the Marketplace, teams can:

* Add model security scanning with a single workflow step.
* Keep security checks close to code and artifacts.
* Enforce consistent model validation across repositories.
* Avoid custom CI glue or bespoke scripts.

No new infrastructure. No additional services.

#### Key Features in the GitHub Action

* Blazing Fast – Scan 70B+ parameter models without OOM, powered by a Rust core.
* Pickle RCE Protection – Prevents unsafe deserialization exploits.
* Native CI/CD Integration – Drop‑in Action for GitHub workflows.
* Behavioral Detection (BETA) – Identifies fine-tuning attacks missed by static analysis.
* Supply Chain Verification – Sigstore signatures, SLSA provenance, ML BOM generation.
* Multiple Output Formats – Plain text, JSON, and SARIF for enterprise tooling & Code Scanning.

#### How to use in GitHub Actions

```yml
- name: Run Palisade
  uses: highflame-ai/palisade-githubaction@v1
  with:
    args: "scan <path-to-model>"
```

Replace `<path-to-model>` with the directory containing your model or artifact.

Results can be emitted in plain text, JSON, or SARIF 2.1.0.

#### Learn More & Get Started

* README: [Palisade-Repository](https://github.com/highflame-ai/palisade-githubaction/blob/main/README.md)
* Marketplace: [Palisade Security Scan](https://github.com/marketplace/actions/palisade-security-scan)

\ <br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.highflame.ai/red-teaming/model-supply-chain-scan/github-actions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.