In order to make the CI github action more useful to users we should look in to the possibility of converting the vulnerability report into sarif format (http://docs.oasis-open.org/sarif/sarif/v2.0/csprd01/sarif-v2.0-csprd01.html) This will allow the results to be surfaced in the security tab of a repo within github's UI.