Assess the risk of third-party GitHub Actions
Examples: ,
Actions
Assess all the actions
touchlab/ga-update-release-tag
GitHub action to update git tag for a GitHub Release. Used in support of KMMBridge publishing.
actions-security-demo/script-injection/pkg/build/actions/bump-version
onekeyhq/actions/build-plist-edit
Github Actions
step-security/helm-gh-pages/__builder_checkout_dir__/.github/actions/secure-download-artifact
A GitHub Action for publishing Helm charts to Github Pages. Secure drop-in replacement for stefanprodan/helm-gh-pages.
launchdarkly/rust-server-sdk-evaluation/.github/actions/build-docs
Types and eval logic for LaunchDarkly Rust SDKs
dchourasia/ms-teams-notification
Microsoft Teams Notification from Github Workflow
coinbase/cdp-sdk/.github/actions/fetch-docs-artifact
Client libraries for managing EVM and Solana wallets while relying on CDP to secure private keys.
step-security/background-action/__builder_checkout_dir__/.github/actions/privacy-check
Background commands with log tailing/capture; waits until file/port/socket/http are ready to proceed. Isolates/dedupe errors. Secure drop-in replacement for JarvusInnovations/background-action.
caffeelake/llvm-project/workflows-main/.github/workflows/release-binaries-save-stage
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
step-security/semver-action/__builder_checkout_dir__/.github/actions/privacy-check
GitHub Action to calculate the next release version based on conventional commits. Secure drop-in replacement for ietf-tools/semver-action.
centml/dynamo/.github/actions/check-vcluster-exists
A Datacenter Scale Distributed Inference Serving Framework
zaproxy/action-full-scan
A GitHub Action for running the ZAP Full scan
yonasbsd/mise/.github/actions/fetch-token
dev tools, env vars, task runner
oracle-actions/setup-java
GitHub Action to download and install Oracle's Java Development Kit builds
actions-rs/toolchain
๐ ๏ธ GitHub Action for `rustup` commands
lfreleng-actions/gerrit-clone-action
Action to bulk clone (in parallel) an entire Gerrit server repository hierarchy
asyncapi/.github/.github/actions/get-node-version-from-package-lock
Location of all reusable community health files
pytorch/pytorch/pytorch/.github/actions/ecr-login
Tensors and Dynamic neural networks in Python with strong GPU acceleration
step-security/action-shfmt/__builder_checkout_dir__/.github/actions/secure-download-artifact
Run shfmt with reviewdog. Secure drop-in replacement for reviewdog/action-shfmt.
step-security/create-pull-request/__builder_checkout_dir__/.github/actions/secure-download-artifact
A GitHub action to create a pull request for changes to your repository in the actions workspace. Secure drop-in replacement for peter-evans/create-pull-request.