Dev.to
5/10/2026

Who actually has admin access to your GitHub repos? Most teams have no idea
Short summary
GitHub access sprawl affects most mature orgs: inactive users, contractors, and outside collaborators often retain write or admin access with no alerts. gh-iga is an open-source CLI that scans GitHub org access in 60 seconds, flags high-risk patterns, and generates shareable HTML/Markdown reports. Install it with pip, create a GitHub token, and run one command; it integrates with GitHub Actions for weekly automated scans.
- Access sprawl is endemic in mature GitHub orgs: admins on 5+ repos, inactive privileged users, external collaborators with high permissions
- gh-iga scans in 60 seconds, categorizes risks by severity (high/medium/hygiene), and outputs HTML/Markdown/JSON for auditors and CI/CD
- Open-source Apache 2.0 tool; one command (gh-iga scan --org myorg) with zero infrastructure; integrates with GitHub Actions for automated weekly scans
Generated with AI, which can make mistakes.



