StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/swift-doc/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/swift-doc/__builder_checkout_dir__/.github/actions/secure-download-artifact

A documentation generator for Swift projects. Secure drop-in replacement for SwiftDocOrg/swift-doc.

9/10
grafana/k6-extension-actions/setup-eget

grafana/k6-extension-actions/setup-eget

Reusable composite GitHub actions to support k6 extension development.

2/10
bazelbuild/setup-bazelisk

bazelbuild/setup-bazelisk

Set up your GitHub Actions workflow with a specific version of Bazelisk

5/10
a-line-services/release-pilot

a-line-services/release-pilot

Agnostic package/library development/release CI/CD tool

3/10
chainguard-dev/actions/setup-registry

chainguard-dev/actions/setup-registry

A collection of reusable Github Actions workflows.

8/10
secureblue/approvals-action

secureblue/approvals-action

An action to require approvals from permissionless approvers

3/10
yonasbsd/aws-lc/.github/actions/configure-aws-credentials

yonasbsd/aws-lc/.github/actions/configure-aws-credentials

AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It ั–s based on code from the Google BoringSSL project and the OpenSSL project.

2/10
Maintained action available
ministryofjustice/hmpps-github-shared-actions/.github/actions/security_veracode_prepare_artifacts

ministryofjustice/hmpps-github-shared-actions/.github/actions/security_veracode_prepare_artifacts

Shared actions for Github workflows to use - PUT NO WORKFLOWS IN HERE! (bootstrapped 2026-03-30)

4/10
nvidia/bare-metal-manager-core/.github/actions/setup-mkosi-environment

nvidia/bare-metal-manager-core/.github/actions/setup-mkosi-environment

NVIDIA Infra Controller - Hardware Lifecycle Management and multitenant networking

6/10
hoprnet/hopr-workflows/actions/release-version

hoprnet/hopr-workflows/actions/release-version

GitHub workflows helping HOPR automate tasks via actions

6/10
juliangruber/sleep-action

juliangruber/sleep-action

Sleep for a set period of time

1/10
Maintained action available
yonasbsd/buck2/.github/actions/init_opam

yonasbsd/buck2/.github/actions/init_opam

Build system, successor to Buck

3/10
Maintained action available
openzeppelin/openzeppelin-upgrades/.github/actions/setup

openzeppelin/openzeppelin-upgrades/.github/actions/setup

Plugins for Hardhat and Foundry to deploy and manage upgradeable contracts on Ethereum.

4/10
Maintained action available
dawidd6/action-ansible-playbook

dawidd6/action-ansible-playbook

:gear: A GitHub Action for running Ansible playbooks

5/10
solana-developers/github-actions/extract-versions

solana-developers/github-actions/extract-versions

A collection of github actions to build, idl upload and verify programs. With Squads support

3/10
Maintained action available
approved-3rd-party-actions/upload-mobile-app-github-action

approved-3rd-party-actions/upload-mobile-app-github-action

The Github action to upload an mobile app file to Kobiton Apps Repo

3/10
actions/setup-java/v4.7.1

actions/setup-java/v4.7.1

Set up your GitHub Actions workflow with a specific version of Java

7/10
officedev/teamsfx-cli-action

officedev/teamsfx-cli-action

teasmfx CI/CD action

3/10
step-security/gh-setup/__builder_checkout_dir__/.github/actions/privacy-check

step-security/gh-setup/__builder_checkout_dir__/.github/actions/privacy-check

:octocat: Setup asset of Github releases. Secure drop-in replacement for k1LoW/gh-setup.

10/10
aquasecurity/tfsec-pr-commenter-action

aquasecurity/tfsec-pr-commenter-action

Add comments to pull requests where tfsec checks have failed

4/10