secdim/sandbox-action
SecDim Sandbox – The Secure Code Learning Wargame ⚔️

SecDim Sandbox supercharges your security CI/CD by transforming static SARIF findings into interactive, containerized labs. Turn every vulnerability into a hands-on learning adventure—complete with AI-powered hints, real-world exploitation tests, and patch validation.
Figure 1. SecDim Sandbox Cloud Overview
Figure 2. Security Tab Integration
Figure 3. Augmented Alerts (code scanning alerts)
  • Instant Hands-On Labs – Each finding links to a fully containerized demo you can spin up in seconds.

  • Real Attacker Simulations – Built-in tests show you exactly how bad actors exploit each flaw.

  • AI Sidekick – Our AI code assistant gives you context, hints, and validation feedback.

  • Seamless Privacy – Only minimal metadata (e.g., CWE IDs) leaves your repo; your source code stays local.

  • Zero Config – Works out of the box with any SARIF-producing tool (Semgrep, CodeQL, etc.).

✨ Key Features

  • SARIF Enrichment: Scans your SARIF, enriches each finding with a lab link.

  • Catalog Lookup: Queries the SecDim Wargame catalog for the best matching challenge.

  • Security Tab Integration: Results appear right in your repo’s Security tab.

  • Customizable Templates: Override lab URLs, link labels, or categories via inputs.

  • Cross-Scanner Support: Plug into Semgrep, CodeQL, Sonar, and many others.

🔧 Example Workflow

name: "🚨 SecDim Sandbox CI"
on:
  push:
    branches: [ main ]
  pull_request:

jobs:
  sandbox:
    runs-on: ubuntu-latest
    permissions:
      security-events: write
      actions: read
      contents: read
    steps:
      - name: "🔍 Checkout Code"
        uses: actions/checkout@v2

      - name: "🐍 Setup Python 3.7"
        uses: actions/setup-python@v2
        with:
          python-version: "3.7"

      - name: "📦 Install Semgrep"
        run: pip install semgrep

      - name: "🚀 Run Semgrep Scan"
        run: semgrep scan --config auto --sarif > findings.sarif

      - name: "📤 Upload Semgrep Results"
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: findings.sarif
          category: semgrep

      - name: "🛡️ Enrich SARIF with SecDim Wargame"
        uses: secdim/[email protected]
        with:
          input_sarif_file: findings.sarif
          output_sarif_file: findings.processed.sarif

      - name: "📤 Upload Enriched SARIF"
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: findings.processed.sarif
          category: secdim-sandbox

🔒 Privacy & Security

Note

Your source code never leaves your environment. We only parse rule metadata (e.g., CWE IDs) and send tiny search queries to SecDim APIs. All heavy lifting stays in your CI runner.
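To make the enrichment and privacy model above concrete, here is an added example (not the action's own SARIF parser): it reads a SARIF 2.1.0 log, pulls CWE numbers from each rule's tags, looks them up in a catalog, and attaches a lab link to matching findings. The `LAB_CATALOG` mapping, the `secdim_lab` property name and the link text are this example's assumptions; the real action queries the SecDim catalog API instead.

```python
import copy
import re

# Constructed sample SARIF (Semgrep-style rules carrying CWE tags); not real scan output.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "semgrep", "rules": [
            {"id": "py.sqli", "properties": {"tags": ["CWE-89: Improper Neutralization"]}},
            {"id": "py.style", "properties": {"tags": ["best-practice"]}},
        ]}},
        "results": [
            {"ruleId": "py.sqli", "message": {"text": "SQL query built by string formatting"}},
            {"ruleId": "py.style", "message": {"text": "bare except clause"}},
        ],
    }],
}

# Hypothetical catalog keyed by CWE number; the real action queries the SecDim API for this.
LAB_CATALOG = {"89": "https://sandbox.example.invalid/labs/sql-injection"}

CWE_RE = re.compile(r"\bCWE-(\d+)\b")


def cwe_ids_for_rule(rule: dict) -> set[str]:
    """Pull CWE numbers out of a rule's tags: the only metadata the lookup needs."""
    tags = rule.get("properties", {}).get("tags", [])
    return {m.group(1) for tag in tags for m in CWE_RE.finditer(tag)}


def enrich(sarif: dict, catalog: dict) -> tuple[dict, set[str]]:
    """Return (enriched copy, CWE ids that would leave the runner as catalog queries)."""
    out = copy.deepcopy(sarif)
    outbound: set[str] = set()
    for run in out["runs"]:
        rules = {r["id"]: r for r in run["tool"]["driver"].get("rules", [])}
        for res in run.get("results", []):
            ids = cwe_ids_for_rule(rules.get(res.get("ruleId"), {}))
            outbound |= ids
            labs = [catalog[c] for c in sorted(ids) if c in catalog]
            if not labs:
                continue  # no matching lab: finding passes through unchanged
            # Property name and link text are this example's choice, not the action's.
            res.setdefault("properties", {})["secdim_lab"] = labs[0]
            text = res["message"].get("text", "")
            res["message"]["markdown"] = f"{text}\n\n[Practice the fix in a lab]({labs[0]})"
    return out, outbound
```

The second return value is what you would audit to confirm that only CWE identifiers, never source or file paths, leave the runner.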

🤔 FAQ

Do I need an account?

Nope—access to public labs is free. For private labs or enterprise features, contact us.

Can I tweak the action and output?

Absolutely! Check out the SecDim Sandbox SARIF parser.

❤️ Contributing

We ❤️ pull requests! Check out the sandbox-action repo and open an issue or PR.

About

Turn every vulnerability into hands-on secure code learning labs - right in your CI pipeline