StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

ame-yu/action-delete-latest-release

ame-yu/action-delete-latest-release

2/10
grafana/grafana/.github/actions/test-coverage-processor

grafana/grafana/.github/actions/test-coverage-processor

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

6/10
1Password/check-signed-commits-action

1Password/check-signed-commits-action

GitHub Action to check PRs for signed commits

4/10
sigstore/cosign-installer

sigstore/cosign-installer

Cosign Github Action

8/10
Kong/public-shared-actions/pr-previews/cleanup

Kong/public-shared-actions/pr-previews/cleanup

Shared actions available to both public and private repositories

6/10
SonarSource/sonarcloud-github-c-cpp

SonarSource/sonarcloud-github-c-cpp

Deprecated. Use https://github.com/SonarSource/sonarqube-scan-action instead.

7/10
step-security/helm-gh-pages

step-security/helm-gh-pages

A GitHub Action for publishing Helm charts to Github Pages. Secure drop-in replacement for stefanprodan/helm-gh-pages.

10/10
Maintained by StepSecurity
ScribeMD/docker-cache

ScribeMD/docker-cache

Cache Docker Images Whether Built or Pulled

3/10
clowdhaus/terraform-composite-actions/pre-commit

clowdhaus/terraform-composite-actions/pre-commit

Contains composit GitHub actions for use with Terraform AWS Module workflows

4/10
jmertic/lfx-landscape-tools

jmertic/lfx-landscape-tools

Tools for updating a landscape from LFX

7/10
h0x0er/actions-runner-controller/.github/actions/execute-assert-arc-e2e

h0x0er/actions-runner-controller/.github/actions/execute-assert-arc-e2e

Kubernetes controller for GitHub Actions self-hosted runners

3/10
coveo/ui-kit/.github/actions/e2e-atomic-search-vuejs

coveo/ui-kit/.github/actions/e2e-atomic-search-vuejs

Coveo UI kit repository, home of @coveo/headless, @coveo/atomic, and more.

4/10
Maintained action available
humbletim/install-vulkan-sdk

humbletim/install-vulkan-sdk

Automatically downloads and installs prebuilt Vulkan SDK releases.

4/10
pkgdeps/git-tag-action

pkgdeps/git-tag-action

[GitHub Action] Get ${version} from package.json and git tag ${version} for the repository.

3/10
projectdiscovery/subfinder

projectdiscovery/subfinder

Fast passive subdomain enumeration tool.

8/10
mbrobbel/rustfmt-check

mbrobbel/rustfmt-check

GitHub Action to format Rust code using rustfmt

5/10
Maintained action available
equinor/fusion-project-portal/.github/actions/client-test

equinor/fusion-project-portal/.github/actions/client-test

Project Portal powered By Fusion

4/10
step-security/repo-file-sync-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/repo-file-sync-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

🔄 GitHub Action to keep files like Action workflows or entire directories in sync between multiple repositories. Secure drop-in replacement for BetaHuhn/repo-file-sync-action.

10/10
mfem/github-actions/build-metis

mfem/github-actions/build-metis

One repo for all mfem GitHub Actions

4/10
necojackarc/auto-request-review

necojackarc/auto-request-review

A GitHub Action that automatically requests review of a pull request based on files changes and/or groups the author belongs to 🤖

3/10