What is Kleio
Introducing Kleio and how you can use it to analyze the software supply chain (SSC) of your GitHub workflows
Introduction
Kleio is a crawler for the histories of GitHub workflows. From each workflow, it extracts all of its GitHub Action, Docker, and reusable workflow dependencies. Thanks to this tool, researchers and practitioners can analyze the software supply chain of GitHub workflows and how it changes over time.
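To make the three dependency kinds concrete, the following added example (not Kleio's code, and not how Kleio is implemented) classifies the `uses:` references of a workflow file and flags those that are not pinned to an immutable version. The function names and the sample workflow are constructed for illustration; only `uses:` lines are covered, not `container:` or `services:` images.

```python
import re

# Constructed sample workflow (not taken from any real repository).
SAMPLE_WORKFLOW = """\
name: ci
on: push
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/setup-tool/sub/dir@0123456789abcdef0123456789abcdef01234567
      - uses: docker://alpine:3.20
      - uses: ./.github/actions/local-lint
  release:
    uses: example-org/shared/.github/workflows/release.yml@main
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
WORKFLOW_RE = re.compile(r"/\.github/workflows/[^/]+\.ya?ml$")

def classify(ref):
    """Return (kind, target, version, pinned) for one `uses:` value."""
    if ref.startswith("docker://"):
        image = ref[len("docker://"):]
        name, at, digest = image.partition("@")
        if at:  # image@sha256:... is immutable, a tag is not
            return ("docker", name, digest, digest.startswith("sha256:"))
        name, colon, tag = image.rpartition(":")
        if not colon or "/" in tag:  # no tag (a colon may be a registry port)
            return ("docker", image, None, False)
        return ("docker", name, tag, False)
    if ref.startswith("./"):
        # Local path: versioned together with the calling repository.
        return ("local", ref, None, True)
    target, _, version = ref.partition("@")
    kind = "reusable_workflow" if WORKFLOW_RE.search(target) else "action"
    # Only a full commit SHA is immutable; tags and branches can be moved.
    return (kind, target, version, bool(FULL_SHA_RE.fullmatch(version)))

def extract(workflow_text):
    """Classify every `uses:` reference found in a workflow file's text."""
    matches = (USES_RE.match(line) for line in workflow_text.splitlines())
    return [classify(m.group(1)) for m in matches if m]

def mutable(deps):
    """Dependencies whose content can change without the workflow changing."""
    return [d for d in deps if not d[3]]

if __name__ == "__main__":
    for dep in extract(SAMPLE_WORKFLOW):
        print(dep)
```

The references returned by `mutable` are the ones whose behavior can change while the workflow file itself stays byte-for-byte identical.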
Links
Codeberg Repository
The whole codebase for Kleio is open source and available on Codeberg.
Docker Image
A Kleio Docker image is available both on Docker Hub and on GitHub's Container Registry.
Citation
If you use this software in your work, please include the following citation:
Riggio, Edoardo, and Pautasso, Cesare. "Changing Nothing, Yet Changing Everything: Exploring Rug Pulls in GitHub Workflows." 23rd IEEE International Conference on Software Architecture (ICSA), IEEE, 2026, in press.
License
The code for Kleio is available on Codeberg under the MIT license.