Following a security incident involving a vulnerable GitHub Action, Grafana Labs has adopted Zizmor, an open-source static analysis tool developed by William Woodruff, to harden the security of their CI/CD pipelines. The exploited vulnerability allowed unauthorized code execution within a trusted environment, but Grafana Labs' proactive security measures quickly contained any potential harm. Zizmor, which Grafana Labs supports through a partnership with Woodruff, audits GitHub Actions workflows for risks such as unpinned action versions and forbidden uses, helping to prevent similar breaches in the future. Despite challenges such as GitHub's API rate limiting and centralized ruleset configuration, Grafana Labs has rolled Zizmor out across more than 2,000 repositories using GitHub Organization rulesets, so that the security checks are applied consistently. By running Zizmor in both offline and scheduled modes, they aim to balance comprehensive security assessments against efficient use of resources, leaving them better prepared for any future GitHub Actions vulnerabilities.
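To make the two audits named above concrete, here is an added, simplified illustration of the kind of offline check a tool like Zizmor performs on a workflow file: flagging `uses:` references that are not pinned to a full commit SHA, and references whose owner is on a forbidden list. This is example code written for this page, not Zizmor's own implementation or Grafana Labs' configuration; the workflow text, the forbidden owner `example-forbidden-org`, and the placeholder SHA are all constructed, and only the Python standard library is used so it runs without network access.

```python
import re

# Constructed sample workflow for demonstration; not from the original page.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@0123456789abcdef0123456789abcdef01234567 # placeholder SHA
      - uses: ./.github/actions/local-helper
      - uses: docker://alpine:3.19
      - uses: example-forbidden-org/some-action@main
      - name: run
        run: make test
"""

# A reference counts as pinned only if it is a full 40-hex-character commit SHA;
# tags and branch names can be moved by the action's maintainer (or an attacker
# who compromises the repository), so they are reported as unpinned.
FULL_SHA = re.compile(r"[0-9a-f]{40}")

# Matches "uses:" on a step line, whether or not it starts with "- ".
USES_LINE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")


def is_pinned(ref: str) -> bool:
    """True when the @ref part of a uses: value is a full commit SHA."""
    return FULL_SHA.fullmatch(ref) is not None


def audit_workflow(text: str, forbidden_owners=()):
    """Return a list of (line_number, finding_kind, uses_value) for the workflow.

    finding_kind is "unpinned-uses" or "forbidden-uses", mirroring the two
    risk categories described on the page. Local (./...) and docker:// refs
    are not repository references and are skipped.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = USES_LINE.match(line)
        if not match:
            continue
        uses = match.group(1)
        if uses.startswith("./") or uses.startswith("docker://"):
            continue
        if "@" in uses:
            repo, ref = uses.rsplit("@", 1)
        else:
            repo, ref = uses, ""  # no @ref at all: also unpinned
        owner = repo.split("/", 1)[0]
        if owner in forbidden_owners:
            findings.append((lineno, "forbidden-uses", uses))
        if not is_pinned(ref):
            findings.append((lineno, "unpinned-uses", uses))
    return findings


def exit_code_for(findings) -> int:
    """Non-zero when anything was found, so a CI job can fail on it."""
    return 1 if findings else 0


if __name__ == "__main__":
    results = audit_workflow(SAMPLE_WORKFLOW, forbidden_owners=("example-forbidden-org",))
    for lineno, kind, uses in results:
        print(f"line {lineno}: {kind}: {uses}")
    raise SystemExit(exit_code_for(results))
```

Running the block reports the `actions/checkout@v4` step as unpinned and the `example-forbidden-org` step as both forbidden and unpinned, while the SHA-pinned, local and `docker://` steps pass. Because the check reads only the workflow text, it corresponds to the offline mode mentioned above; confirming that a pinned SHA actually belongs to the named repository would require API calls, which is where rate limiting becomes a concern.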