
Runtime Network Security for GitHub Actions

CargoWall is a kernel-level network firewall for GitHub Actions. Control what your workflows can access at runtime and prevent supply chain attacks.

eBPF Kernel-Level
GitHub Marketplace
Zero-Trust Architecture
Why It Breaks at Scale

Traditional firewalls weren't built for CI/CD or AI coding agents.

GitHub Actions workflows are the most critical and vulnerable part of your software supply chain — and AI coding agents are the newest, hungriest tenants on them. Both need fine-grained egress control.

Default-Allow Egress

Problem

Traditional firewalls allow egress traffic by default - this is a major vulnerability for pipelines.

Impact

Supply-chain attacks exfiltrate sensitive information, leading to costly remediation campaigns.

With CodeCargo

Fine-grained controls over egress traffic — every workflow runs against an explicit allowlist enforced at the kernel level.

Brittle, Manual Rules

Problem

Configuring firewall rules is time-consuming and never comprehensive.

Impact

Rules are missed or written too broadly, leaving gaps in the network perimeter at every layer.

With CodeCargo

CargoWall calculates a network baseline for each workflow and our AI agent helps you author tight, targeted policies.

AI Coding Agents

Problem

AI coding agents need flexible network controls to fetch packages, APIs, and model providers.

Impact

Unrestricted internet access for AI agents drastically widens your supply-chain attack surface.

With CodeCargo

Customizable firewall rules for your AI agents give them the flexibility to get the job done while protecting your network perimeter.

Requirements for GitHub Actions Workflow Network Security

Policy Propagation

Deploy up-to-date firewall rules for every workflow execution in a highly-variable environment.

Compliance Enforcement

Identify and remediate workflows without the firewall; maintain a running log of malicious egress traffic.

Execution Visibility

Attribute malicious network traffic to workflows at the job level, identifying malicious code in seconds.

CargoWall

CargoWall Protects All of your Pipeline Runs

Configure, distribute, and enforce network security policies - all without slowing your engineering teams down.

Policy Enforcement at Scale

Define network rules once and automatically apply them across every repository and every workflow run.

Prevent Risky Actions

Block insecure scripts, unapproved actions, and misconfigured pipelines at the kernel level — before they run.

Real-Time Governance Visibility

Track violations, approvals, and compliance status across your entire GitHub Actions ecosystem in one view.

CargoWall Network Policies (dashboard summary)

47 destinations · 38 allowed · 9 denied

Network Rules (mode: Audit / Enforce)

registry.npmjs.org   HTTPS   ALLOW
api.github.com       HTTPS   ALLOW
crypto-miner.xyz     TCP     DENY
Real Attack, Blocked

Prevent Malicious GitHub Actions from Stealing your Data

CargoWall stops data exfiltration attacks on your GitHub Actions by blocking all malicious egress traffic. Protect your organization from supply-chain compromises like the tj-actions/changed-files attack.

CargoWall Audit Log

run-1247 · acme-corp/api-service · build.yml (live)

14:02:18  Action installed: tj-actions/changed-files@a5b3c4d · post-step injected  [Malicious Action]
14:02:23  Egress connection attempted: 93.184.216.34:443 · payload: SSH key, env secrets  [Exfiltration Attempt]
14:02:23  Egress blocked: Destination not in allowlist · secrets never left the runner  [Blocked]
14:02:24  Workflow continues: No interruption · 2.1s elapsed

How It Works

Protect your GitHub Actions in 4 simple steps

1-Click Setup

Add CargoWall to every GitHub Actions workflow with a single click — no per-pipeline config and no runner changes.

Network Baseline

CodeCargo observes every workflow's network behavior and establishes a baseline of legitimate network traffic.

Firewall Assistant

Create network policies with the help of CodeCargo's Firewall Assistant — built from the baseline and refined as you review.

Runtime Enforcement

Egress traffic to untrusted destinations is blocked at the kernel level, on every runner, automatically.

CargoWall FAQ

You need to add a small CargoWall action to your workflows. CodeCargo can apply this automatically across your entire organization using the multi-repo engine.

No. CargoWall operates at the kernel level using eBPF, adding near-zero latency to your workflow runs. Network policy decisions happen in microseconds.

The connection is blocked at the kernel level before it is established. The event is logged in the CargoWall audit log with the workflow, destination, and policy that blocked it.

Yes. CargoWall supports audit mode, which logs all connections and policy decisions without blocking anything. This lets you validate policies before switching to enforcement.

Yes. CargoWall works with both GitHub-hosted and self-hosted runners. The eBPF programs are loaded dynamically during workflow execution.

Policies are defined in the CodeCargo dashboard by specifying allowed hostnames, IP addresses, or CIDR blocks per workflow, repository, or organization. CodeCargo can auto-suggest policies based on observed traffic.
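The answers above describe the policy model (allowlists of hostnames, IP addresses or CIDR blocks scoped to an organization, repository or workflow) and the two operating modes (audit logs every decision, enforce also blocks). The following is an added illustration of how such an evaluator produces the kind of audit record shown on this page; it is example code written for this page, not CargoWall's implementation, and every policy, workflow path, IP address and function name in it is constructed for the example. The deny case replays the page's own scenario (run-1247 attempting to reach 93.184.216.34:443).

```python
"""Illustrative egress allowlist evaluator (constructed example, not CargoWall code).

Policies hold allowed hostnames and CIDR blocks and are attached to one of
three scopes: "org", "repo" or "workflow".  A connection attempt is allowed
when any policy that applies to the running workflow lists its destination;
otherwise it is denied, and the mode decides whether a denial is merely
logged (audit) or blocked (enforce).
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    scope: str            # "org", "repo" or "workflow"
    name: str             # the scope's identifier, e.g. "acme-corp/api-service"
    hosts: frozenset      # allowed hostnames
    cidrs: tuple          # allowed ipaddress networks


def make_policy(scope, name, hosts=(), cidrs=()):
    """Build a Policy, parsing CIDR strings into network objects once."""
    return Policy(scope, name, frozenset(hosts),
                  tuple(ipaddress.ip_network(c, strict=False) for c in cidrs))


# Constructed sample policies; the names are hypothetical.
SAMPLE_POLICIES = [
    make_policy("org", "acme-corp", hosts={"api.github.com", "registry.npmjs.org"}),
    make_policy("repo", "acme-corp/api-service", cidrs=["10.0.0.0/16"]),
    make_policy("workflow", "acme-corp/api-service/build.yml", hosts={"pypi.org"}),
]


def applicable(policies, workflow):
    """Select the org, repo and workflow policies that govern a workflow
    identified by a path like 'acme-corp/api-service/build.yml'."""
    org, repo, _ = workflow.split("/", 2)
    scopes = {"org": org, "repo": f"{org}/{repo}", "workflow": workflow}
    return [p for p in policies if scopes.get(p.scope) == p.name]


def allowed_by(policy, host, ip):
    """True if the destination hostname or address is on this policy's allowlist."""
    if host is not None and host in policy.hosts:
        return True
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in policy.cidrs)


def evaluate(policies, mode, run_id, workflow, host, ip, port):
    """Return one audit record for an egress attempt (allow/deny plus the
    policy that matched), mirroring the fields in the audit log above."""
    if mode not in ("audit", "enforce"):
        raise ValueError(f"unknown mode {mode!r}")
    hit = next((p for p in applicable(policies, workflow)
                if allowed_by(p, host, ip)), None)
    decision = "allow" if hit else "deny"
    if decision == "allow":
        action = "allowed"
    else:
        action = "blocked" if mode == "enforce" else "logged"
    return {
        "run": run_id,
        "workflow": workflow,
        "destination": f"{host or ip}:{port}",
        "ip": ip,
        "decision": decision,
        "action": action,
        "policy": f"{hit.scope}:{hit.name}" if hit else None,
        "reason": None if hit else "Destination not in allowlist",
    }


# Constructed connection attempts; 203.0.113.x is a documentation range and
# 93.184.216.34:443 is the destination from the page's audit-log scenario.
SAMPLE_ATTEMPTS = [
    ("run-1247", "acme-corp/api-service/build.yml", "registry.npmjs.org", "203.0.113.10", 443),
    ("run-1247", "acme-corp/api-service/build.yml", None, "10.0.5.7", 5432),
    ("run-1247", "acme-corp/api-service/build.yml", None, "93.184.216.34", 443),
]


def run_demo(mode="enforce"):
    """Evaluate the sample attempts in the given mode and return the records."""
    return [evaluate(SAMPLE_POLICIES, mode, *attempt) for attempt in SAMPLE_ATTEMPTS]


if __name__ == "__main__":
    for record in run_demo("enforce"):
        print(record)
```

Two design points carry over to any real deployment of this model. First, a workflow-scoped policy applies only to that workflow path, so a destination allowed for build.yml is still denied for a sibling deploy.yml in the same repository; that is what keeps per-workflow allowlists tight. Second, the evaluator here trusts the hostname it is handed, whereas a kernel-level enforcer sees only addresses and must bind hostnames to the IPs they actually resolved to (for example by observing the runner's DNS answers); running in audit mode first, as the FAQ recommends, is how you find the destinations that binding misses before anything is blocked.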

Stop Running Workflows Without a Firewall

See how CargoWall brings kernel-level network security to your GitHub Actions runners — without modifying your pipelines.
