Back to Blog

Harden-Runner Block Mode Now Available for macOS and Windows GitHub-Hosted Runners

Harden-Runner v2.20.0 extends egress block mode to macOS and Windows GitHub-hosted runners, so you can stop secret exfiltration on every OS your pipelines run on, not just observe it.
Ashish Kurmi
View LinkedIn

July 15, 2026

Share on X
Share on X
Share on LinkedIn
Share on Facebook
Follow our RSS feed
Table of Contents

Harden-Runner v2.20.0 extends egress block mode to macOS and Windows GitHub-hosted runners, so you can stop secret exfiltration on every OS your pipelines run on, not just observe it.

The most damaging GitHub Actions attacks of the past year share one mechanism: a compromised workflow or dependency makes an outbound call and your secrets leave with it. The Megalodon campaign exfiltrated secrets across 5,500 public repositories. GhostAction stole more than 3,000 secrets through malicious workflows. In both cases, the difference between an incident and a near miss came down to one question: could the runner make that outbound call, or not?

Until now, Harden-Runner could answer "no" on Linux GitHub-hosted runners with egress-policy: block. On macOS and Windows GitHub-hosted runners, teams had audit mode: full visibility into outbound traffic, but no enforcement.

With Harden-Runner v2.20.0, block mode is now supported on macOS and Windows GitHub-hosted runners.

Why this matters for macOS and Windows pipelines

macOS and Windows runners are not the long tail of CI. They are where some of the most sensitive credentials in your organization live:

  • macOS runners build and sign iOS and macOS apps. Jobs routinely handle Apple signing certificates, provisioning profiles, and App Store Connect API keys. Attackers know this: the Velora DEX SDK compromise shipped an npm package that specifically dropped a macOS backdoor.
  • Windows runners build and sign Windows binaries and installers. Code signing certificates on these runners are exactly what supply chain attackers need to make malware look legitimate.

A malicious dependency does not check which OS it landed on before phoning home. Your egress policy should not depend on it either.

From visibility to enforcement

We shipped audit mode for Windows and macOS runners so teams could see every outbound call from these runners. That visibility is how you build a baseline. Block mode is how you enforce it.

With egress-policy: block, outbound calls that are not on your allowed endpoints list are stopped, regardless of what a compromised dependency, poisoned action, or injected script tries to reach.

Follow this interactive demo to see block mode in action:

The recommended path stays the same on every OS: start in audit mode, review the recommended policy Harden-Runner generates from your actual traffic, then switch to block. Full setup details are in the Harden-Runner documentation.

Harden-Runner protects 13,000+ open-source projects and enterprises, and block mode is how the highest-impact detections become preventions.

How exposed are your workflows? Run a free GitHub Actions security audit to see which of your repositories handle secrets on macOS and Windows runners without egress control. Get your free audit

Ready to enforce egress policies across every OS in your fleet? Start free or request a demo

Explore Related Posts