diff --git a/README.md b/README.md
index 2693c62..37888c1 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,53 @@
# actions_python_bandit
A Github action for security scanning with bandit.
+
+
+
+
+## How to use
+In your .github/workflows directory, create a yaml file (such as main.yaml). Add a job for each desired workflow with the `uses` keyword. Use the `with` keyword to pass any desired variables.
+
+Examples:
+
+```
+on: [push]
+
+jobs:
+ bandit:
+ runs-on: ubuntu-latest
+ name: "bandit"
+ steps:
+ - uses: davidslusser/actions_python_bandit@v1.0.0
+```
+
+
+```
+on: [push]
+
+jobs:
+ bandit:
+ runs-on: ubuntu-latest
+ name: "bandit"
+ steps:
+ - uses: davidslusser/actions_python_bandit@v1.0.0
+ with:
+ src: "src"
+ options: "-r"
+ pip_install_command: "pip install -e .[dev]"
+ python_version: "3.9"
+```
+
+
+
+## Inputs
+ - **src:** source directory of code to check (defaults to "`.`")
+ - **options:** optional flags/parameters used in bandit command (defaults to "`-r`")
+ - **pip_install_command:** pip install command (defaults to "`pip install bandit`")
+ - **python_version:** version of python to run workflow with (defaults to "`3.x`")
+
+
+
+
+## References
+ - https://bandit.readthedocs.io/en/latest/
+ - https://pypi.org/project/bandit/
diff --git a/action.yaml b/action.yaml
new file mode 100644
index 0000000..bdd5195
--- /dev/null
+++ b/action.yaml
@@ -0,0 +1,47 @@
+name: actions_python_bandit
+description: Github action for python static type checking with bandit
+branding:
+ icon: 'check-circle'
+ color: 'green'
+inputs:
+ options:
+ description: "additional flags/parameters passed to the bandit command"
+ required: false
+ type: string
+ default: "-r"
+ pip_install_command:
+ description: "command used to install python dependancies"
+ required: false
+ type: string
+ default: "pip install bandit"
+ python_version:
+ description: "version of python to run action with"
+ required: false
+ type: string
+ default: "3.x"
+ src:
+ required: false
+ type: string
+ default: "."
+runs:
+ using: "composite"
+ steps:
+ - uses: actions/checkout@v3
+ - name: "Setup Python ${{ inputs.python_version }}"
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ inputs.python_version }}
+
+ - name: "Show Python Version"
+ run: python --version
+ shell: bash
+
+ - name: "Install Python Dependencies"
+ run: |
+ python -m pip install --upgrade pip
+ ${{ inputs.pip_install_command }}
+ shell: bash
+
+ - name: "Run Bandit"
+ run: "bandit ${{ inputs.src }} ${{ inputs.options }}"
+ shell: bash