hasp: A paranoid scanner and kernel-sandboxed step runner for GitHub Actions

I worked on hasp after seeing the Trivy and LiteLLM PyPI-credential leak. It was clear that the failure there wasn't unique since any CI step can get compromised, and everything else in the job shares its secrets.

What started as a consistency check for immutable SHA pinning and version comment consistency grew into a larger project with token sandboxing and a suite of runtime checks. I drew some inspiration from zizmor, which focuses more on static analysis. Fundamentally, hasp does two things:

1. Scan: a paranoid audit of .github/workflows/ which verifies every `uses`: is pinned to an immutable SHA that actually exists, checks commit provenance, maps which secrets reach which actions, flags injection patterns and excessive permissions.

2. Exec: wraps any subprocess in Landlock (filesystem) + seccomp (syscalls) + BPF cgroup (network egress). Rather than injecting secrets into the env, they're served from a localhost proxy with a per-secret allowlist of destination domains. A compromised npm postinstall can't exfiltrate GITHUB_TOKEN to evil.com because the BPF program drops it.

Written in Rust, single musl binary, MIT License, and shipping now as-is in alpha. Run the binary in GHA or use the forthcoming GHA itself. See docs/TRUST.md to understand the bootstrap-able trust model.