StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

nvidia/aicr/.github/actions/attest-image-from-tag

nvidia/aicr/.github/actions/attest-image-from-tag

Tooling for optimized, validated, and reproducible GPU-accelerated AI runtime in Kubernetes

7/10
ministryofjustice/opg-reports/.github/actions/database-upload

ministryofjustice/opg-reports/.github/actions/database-upload

Development repository: Managed by opg-org-infra & Terraform

8/10
razorpay/blade/.github/actions/fill

razorpay/blade/.github/actions/fill

Design System that powers Razorpay

5/10
Maintained action available
adriangl/check-new-commits-action

adriangl/check-new-commits-action

GitHub action that checks if there has been any new commit in a given time frame

4/10
Maintained action available
grafana/mimir/actions/backport

grafana/mimir/actions/backport

Grafana Mimir provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.

6/10
endbug/project-fields

endbug/project-fields

:octocat: A GitHub Action to interact with project fields

3/10
Maintained action available
rick1330/ibex-harness/.github/actions/trunk-upload-junit

rick1330/ibex-harness/.github/actions/trunk-upload-junit

Production-grade AI agent memory and context management platform (monorepo)

6/10
rudderlabs/github-action-check-size-limit

rudderlabs/github-action-check-size-limit

Compare the real cost to run your JS app or lib to keep good performance in every pull request

3/10
step-security/assign-author/__builder_checkout_dir__/.github/actions/privacy-check

step-security/assign-author/__builder_checkout_dir__/.github/actions/privacy-check

GitHub Actions to assign author to issue or PR. Secure drop-in replacement for technote-space/assign-author.

8/10
fortify/gha-setup-fod-uploader

fortify/gha-setup-fod-uploader

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

2/10
step-security/setup-android/__builder_checkout_dir__/.github/actions/privacy-check

step-security/setup-android/__builder_checkout_dir__/.github/actions/privacy-check

Android SDK setup for GitHub Actions. Secure drop-in replacement for android-actions/setup-android.

10/10
sonarsource/gh-action-lt-backlog/lockbranch

sonarsource/gh-action-lt-backlog/lockbranch

Automate GitHub backlog and Kanbans

8/10
adishm98/auth-vpn

adishm98/auth-vpn

Self-hosted VPN tunnel for cloud VMs. One binary, one open port, every Docker container becomes privately reachable.

3/10
step-security/setup-buildx-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/setup-buildx-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

GitHub Action to set up Docker Buildx. Secure drop-in replacement for docker/setup-buildx-action.

8/10
amyu/setup-android

amyu/setup-android

Setup Android SDK for self hosted runner

3/10
Maintained action available
yonasbsd/buck2/.github/actions/build_example_toolchain

yonasbsd/buck2/.github/actions/build_example_toolchain

Build system, successor to Buck

3/10
Maintained action available
yonasbsd/paradedb/.github/actions/benchmark-stressgres

yonasbsd/paradedb/.github/actions/benchmark-stressgres

ParadeDB is a modern Elasticsearch alternative built on Postgres. Built for real-time, update-heavy workloads.

4/10
Maintained action available
h0x0er/thecombine/.github/actions/combine-build

h0x0er/thecombine/.github/actions/combine-build

This is a tool for supporting the rapid word collection workshop and post workshop clean-up

2/10
actions-security-demo/poc-1/.github/actions/custom

actions-security-demo/poc-1/.github/actions/custom

Proof of concept repo 1

3/10
Maintained action available
unsignedapps/swift-create-xcframework

unsignedapps/swift-create-xcframework

A simple Command Line Tool to create XCFrameworks by wrapping xcodebuild.

4/10