Install with winget
Open PowerShell or Command Prompt and run:
winget install zizmor.zizmor
Copied to clipboard!
1Open PowerShell or Command Prompt
2Paste and run the command above
3Follow any on-screen prompts to complete installation
About zizmor
zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups, including: - Template injection vulnerabilities, leading to attacker-controlled code execution - Accidental credential persistence and leakage - Excessive permission scopes and credential grants to runners - Impostor commits and confusable git references - ...and much more!
Advanced Install Options
Install (latest)
winget install zizmor.zizmorInstall (pinned version)
winget install --id zizmor.zizmor -e --version 1.24.1Upgrade
winget upgrade zizmor.zizmorUninstall
winget uninstall zizmor.zizmorFrequently Asked Questions
How do I install zizmor using winget?
Open PowerShell or Windows Terminal and run:
winget install zizmor.zizmor. Winget comes pre-installed on Windows 10 (1809+) and Windows 11.What is zizmor?
Static analysis for GitHub Actions.
Is zizmor free to use?
zizmor is distributed under the MIT license. Check the publisher’s site for full licensing details.
How do I update zizmor with winget?
Run
winget upgrade zizmor.zizmor in PowerShell or Windows Terminal to upgrade to the latest available version.How do I uninstall zizmor?
Run
winget uninstall zizmor.zizmor to remove zizmor from your system.