Master's thesis MSTR-2023-105

Bibliographic data
Geistler, Jan-Nicolai: Automatically detecting malicious GitHub Actions.
Universität Stuttgart, Faculty of Computer Science, Electrical Engineering and Information Technology, Master's thesis No. 105 (2023).
84 pages, English.
Abstract

GitHub Actions are becoming increasingly popular among developers, as they provide a great deal of functionality for building and deploying code. At the same time, threats to Continuous Integration/Continuous Delivery pipelines are increasing. Our work explores different attack vectors for GitHub Workflows by developing multiple proof-of-concept actions. We prove that current state-of-the-art anti-virus scanners are not able to detect our custom malicious actions and that developers therefore currently have to rely on analyzing actions manually. As of May 11th 2023, the GitHub Marketplace holds 12,710 actions, which makes manually analyzing all actions infeasible. We introduce an approach to automatically analyze GitHub Actions. Our approach executes actions, gathers data at runtime, filters and summarizes the data, and classifies actions based on a set of 48 extracted features. Our classification is based on multiple detection models: an artificial neural network, One-Class Support Vector Machines, Local Outlier Factor and Isolation Forest. We label a dataset of 104 actions and prove that all four classification models are able to detect malicious actions while outperforming state-of-the-art anti-virus scanners in accuracy, F1-score, precision and recall. Our analysis shows that Local Outlier Factor works best for our dataset, with an F1-score of 45 percent. Furthermore, our work extracts general characterization data about GitHub Actions and provides suggestions for improvements in order to reduce the number of false positives and to increase the true positive rate.

Department(s): Universität Stuttgart, Institut für Softwaretechnologie, Software Lab - Programmanalysen
Supervisors: Pradel, Prof. Michael; Bouzenia, Islem; Schaefer, Dr. Max
Submission date: 8 April 2024