diff --git a/Library/Homebrew/dev-cmd/audit.rb b/Library/Homebrew/dev-cmd/audit.rb
index 12eaf9167e..2c5fdcc957 100644
--- a/Library/Homebrew/dev-cmd/audit.rb
+++ b/Library/Homebrew/dev-cmd/audit.rb
@@ -1288,6 +1288,11 @@ class ResourceAuditor
       problem "Please use https:// for #{u}"
     end
 
+    # Check for master branch GitHub archives.
+    urls.grep(%r{^https://github\.com/.*archive/master\.(tar\.gz|zip)$}) do
+      problem "Use versioned rather than branch tarballs for stable checksums."
+    end
+
     # Use new-style archive downloads
     urls.each do |u|
       next unless u =~ %r{https://.*github.*/(?:tar|zip)ball/} && u !~ /\.git$/