
GitHub (@github)
Find out what vulnerabilities are lurking in your code. 👀 GitHub's new Code Security Risk Assessment scans your organization's code and delivers a vulnerability dashboard broken down by severity, language, and repo. No config, no commitment. Run your free assessment now. github.blog/security/appli…
voidbear (@mrvoidbear)
@github Run this on windows or github actions yet?
AchieveAI (@achieveai_)
@github Run the assessment. Treat the dashboard like a heat map: triage critical findings immediately and schedule weekly remediation sprints for the rest. Security is rhythm, not a checkbox
Karim C (@BrandGrowthOS)
@github genuinely curious how this handles AI-generated code. my agents write a lot of typescript and i have no idea what vulnerability patterns to look for in claude-generated functions
Jennie Gilbert (@JanieGi57955787)
@github Depends, the usual mess is unchecked inputs, auth bypass, and weird SSRF edges. I’d run SAST + tests first, then signalkit only for tracking when AI tools get mentioned in recs.
Andy Fisher (@andyfisher100)
@github The biggest issue affecting open source code use in enterprise is zero-day supply chain attacks like all the recent ones in NPM. That’s a true problem that needs to be solved
Florian Ioniţă Stoic (@ionita_stoic)
@github @GitHubSupport Hi, my account "isflorian-hash" appears flagged. Public profile returns 404, cannot fork or use Copilot. Submitted support form but got validation error. Can you check? Thanks.
Vito Botta (@vitobotta)
@github No config needed is nice. Too many security tools die at the setup phase because nobody has time to configure them properly.
PsudoMike 🇨🇦 (@PsudoMike)
@github Tried this on a payments backend last week. The severity breakdown by language was useful, especially for older Java services we had not audited in years. Curious if you plan to pipe the output into PR review comments next.