Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

whelk-io/maven-settings-xml-action

whelk-io/maven-settings-xml-action

Github Action to create maven settings (~/.m2/settings.xml)

4/10
electron/github-app-auth-action

electron/github-app-auth-action

6/10
lfreleng-actions/path-check-action

lfreleng-actions/path-check-action

Check if a given path exists in the repository, reports type

4/10
Azure/pipelines

Azure/pipelines

Enable GitHub developers to trigger Azure Pipelines from a GitHub Actions workflow

5/10
fish-shop/syntax-check

fish-shop/syntax-check

A GitHub action for syntax checking fish shell files.

8/10
Umani/changed-files

Umani/changed-files

GitHub action to export a PR's changed files

2/10
unleftie/ansible-lint-action

unleftie/ansible-lint-action

Run Ansible Lint

4/10
halostatue/starlist

halostatue/starlist

😎 Github action to generate your own awesome list from project you've starred ordered by languages!

1/10
ultralytics/actions/retry

ultralytics/actions/retry

Ultralytics GitHub Actions

7/10
knqyf263/trivy-issue-action

knqyf263/trivy-issue-action

GitHub Actions for creating GitHub Issues according to the Trivy scanning result

5/10
kitabisa/docker-slim-action

kitabisa/docker-slim-action

GitHub Action to minify container image by up to 30x (and for compiled languages even more) making it secure too!

7/10
step-security/assign-author

step-security/assign-author

GitHub Actions to assign author to issue or PR

10/10
Maintained by StepSecurity
neondatabase/dev-actions/release-pr-notify

neondatabase/dev-actions/release-pr-notify

6/10
ethomson/env-action

ethomson/env-action

2/10
slsa-framework/slsa-github-generator/.github/actions/rng

slsa-framework/slsa-github-generator/.github/actions/rng

Language-agnostic SLSA provenance generation for Github Actions

5/10
olivernybroe/action-conflict-finder

olivernybroe/action-conflict-finder

A Github action for finding merge conflicts

4/10
jwalton/gh-docker-logs

jwalton/gh-docker-logs

GitHub Action to collect logs from all docker containers.

1/10
heisenberg-2077/use-npm-token-action

heisenberg-2077/use-npm-token-action

Use an NPM token within an .npmrc file inside GitHub actions. Scoped packages are the primary use case.

2/10
pytorch/torchtitan/test-infra/.github/actions/setup-ssh

pytorch/torchtitan/test-infra/.github/actions/setup-ssh

A PyTorch native library for large model training

4/10
actions-ecosystem/action-bump-semver

actions-ecosystem/action-bump-semver

⏫ GitHub Action to bump the semver version up

3/10