StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

appleboy/scp-action

appleboy/scp-action

GitHub Action that copy files and artifacts via SSH.

5/10
step-security/fetch-gh-release-asset

step-security/fetch-gh-release-asset

Github Action to download an asset from a Github release. Secure drop-in replacement for dsaltares/fetch-gh-release-asset.

9/10
Maintained by StepSecurity
ad-m/github-push-action

ad-m/github-push-action

GitHub actions to push back to repository eg. updated code

5/10
openzeppelin/openzeppelin-adapters/../__tool_action_dir__

openzeppelin/openzeppelin-adapters/../__tool_action_dir__

OpenZeppelin Ecosystem Adapters are a set of modular, chain-specific integration packages that bridge the gap between blockchain ecosystems and developer tooling.

1/10
step-security/setup-cocoapods

step-security/setup-cocoapods

Set up your GitHub Actions workflow with a specific version of Cocoapods. Secure drop-in replacement for maxim-lobanov/setup-cocoapods.

9/10
Maintained by StepSecurity
caffeelake/cilium/.github/actions/cilium-config

caffeelake/cilium/.github/actions/cilium-config

eBPF-based Networking, Security, and Observability

3/10
alexellis/upload-assets

alexellis/upload-assets

GitHub Action to upload multiple assets to a release

3/10
touchlab/ga-update-release-tag

touchlab/ga-update-release-tag

GitHub action to update git tag for a GitHub Release. Used in support of KMMBridge publishing.

2/10
actions-security-demo/script-injection/pkg/build/actions/bump-version

actions-security-demo/script-injection/pkg/build/actions/bump-version

2/10
step-security/helm-gh-pages/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/helm-gh-pages/__builder_checkout_dir__/.github/actions/secure-download-artifact

A GitHub Action for publishing Helm charts to Github Pages. Secure drop-in replacement for stefanprodan/helm-gh-pages.

10/10
coinbase/cdp-sdk/.github/actions/fetch-docs-artifact

coinbase/cdp-sdk/.github/actions/fetch-docs-artifact

Client libraries for managing EVM and Solana wallets while relying on CDP to secure private keys.

6/10
caffeelake/llvm-project/workflows-main/.github/workflows/release-binaries-save-stage

caffeelake/llvm-project/workflows-main/.github/workflows/release-binaries-save-stage

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.

2/10
zaproxy/action-full-scan

zaproxy/action-full-scan

A GitHub Action for running the ZAP Full scan

6/10
oracle-actions/setup-java

oracle-actions/setup-java

GitHub Action to download and install Oracle's Java Development Kit builds

6/10
actions-rs/toolchain

actions-rs/toolchain

๐Ÿ› ๏ธ GitHub Action for `rustup` commands

3/10
lfreleng-actions/gerrit-clone-action

lfreleng-actions/gerrit-clone-action

Action to bulk clone (in parallel) an entire Gerrit server repository hierarchy

4/10
Maintained action available
asyncapi/.github/.github/actions/get-node-version-from-package-lock

asyncapi/.github/.github/actions/get-node-version-from-package-lock

Location of all reusable community health files

6/10
pytorch/pytorch/pytorch/.github/actions/ecr-login

pytorch/pytorch/pytorch/.github/actions/ecr-login

Tensors and Dynamic neural networks in Python with strong GPU acceleration

4/10
Maintained action available
step-security/create-pull-request/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/create-pull-request/__builder_checkout_dir__/.github/actions/secure-download-artifact

A GitHub action to create a pull request for changes to your repository in the actions workspace. Secure drop-in replacement for peter-evans/create-pull-request.

9/10
proyecto-chaucha/chaucha-gha-wallet-generator

proyecto-chaucha/chaucha-gha-wallet-generator

Chaucha functions for usage with Github Actions

3/10