Skip to content

GitHub Action

App Shield protect

2.0.1 Latest version

App Shield protect


App Shield protect

Secure your Android and iOS mobile apps with proven in-app protection including obfuscation, device checks and anti-tamper


Copy and paste the following snippet into your .yml file.


- name: App Shield protect

uses: Verimatrix/app-shield-protect@2.0.1

Learn more about this action in Verimatrix/app-shield-protect
Choose a version

Verimatrix XTD and Counterspy

This action integrates Verimatrix Extended Threat Defense and Counterspy into your GitHub build workflow. It automates the protection of your Android and iOS apps so you can run it whenever a new version of your application is built.

Verimatrix XTD and Counterspy are a zero-code in-app protection services. They protect your apps from reverse engineering and attack through a layered security approach. Protection layers include obfuscation, environmental checks and binary integrity checks.

All XTD subscription tiers support this action, while for Counterspy you need a Standard subscription.


Action requires the following parameters:

  • api-key-id - api key ID
  • api-key-secret - api key secret
  • app_file - mobile application file (.zip, .apk or aab)

Key ID and key secret can be created and retrieved in XTD or Counterspy portal under "Overview" menu, in the "CI/CD integration" panel, "Manage API Keys".


Action produces a single output:

  • protected-file - protected file name that was downloaded from APS.

The protected-file name can be used with upload-artifact action to save the file as a build artifact.


- name: Application Protection
  id: app-protect
  uses: verimatrix/app-protect@v2
    api-key-id: ${{ secrets.API_KEY_ID }}
    api-key-secret: ${{ secrets.API_KEY_SECRET }}
    app-file: ${{ github.event.inputs.file }}