StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

foundry-rs/foundry-toolchain

foundry-rs/foundry-toolchain

GitHub action to install Foundry

9/10
reugn/github-action-aerospike

reugn/github-action-aerospike

GitHub Action to set up an Aerospike database

4/10
step-security/secrets-sync-action

step-security/secrets-sync-action

A Github Action that can sync secrets from one repository to many others. Secure drop-in replacement for jpoehnelt/secrets-sync-action.

10/10
Maintained by StepSecurity
primait/setup-yq

primait/setup-yq

5/10
rudderlabs/rudder-sdk-kotlin/.github/actions/setup-and-find-modules

rudderlabs/rudder-sdk-kotlin/.github/actions/setup-and-find-modules

Kotlin Android SDK and Kotlin JVM for RudderStack - the Customer Data Platform for Developers.

6/10
microsoft/variable-substitution

microsoft/variable-substitution

Enable GitHub developers to parameterize the values in their config files from a GitHub Action workflow

5/10
peter-evans/close-issue

peter-evans/close-issue

A GitHub action to close an issue

6/10
winterjung/comment

winterjung/comment

GitHub action to comment on pr, issue

3/10
step-security/gha-repo-manager/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/gha-repo-manager/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Manage your Github repo(s) settings and secrets using Github Actions and a yaml file. Secure drop-in replacement for andrewthetechie/gha-repo-manager.

10/10
elastic/cloudbeat/.github/actions/slack-notification

elastic/cloudbeat/.github/actions/slack-notification

Analyzing Cloud Security Posture

6/10
veracode/Veracode-pipeline-scan-action

veracode/Veracode-pipeline-scan-action

Veracode Pipeline-Scan GitHub Action

5/10
Maintained action available
step-security/dispatch-workflow

step-security/dispatch-workflow

A GitHub Action to Dispatch and Discover GitHub Workflows using workflow_dispatch or repository_dispatch. Secure drop-in replacement for lasith-kg/dispatch-workflow.

10/10
Maintained by StepSecurity
kirillplatonov/action-standard

kirillplatonov/action-standard

Run Standard Ruby with Reviewdog 🐶

3/10
dagster-io/dagster-cloud-action/actions/utils/parse_workspace

dagster-io/dagster-cloud-action/actions/utils/parse_workspace

4/10
c2corg/browserslist-update-action

c2corg/browserslist-update-action

A Github Action that runs `npx update-browserslist-db@latest` on a repository and proposes a pull request to merge updates.

4/10
Maintained action available
NVIDIA/cccl/.github/actions/version-update

NVIDIA/cccl/.github/actions/version-update

CUDA Core Compute Libraries

8/10
grafana/sigma-rule-deployment/actions/deploy

grafana/sigma-rule-deployment/actions/deploy

Automate the conversion and deployment of Sigma Rules to Grafana Alerting via GitHub Actions

7/10
jwgmeligmeyling/checkstyle-github-action

jwgmeligmeyling/checkstyle-github-action

Push Chekcstyle results as check run annotations

2/10
open-policy-agent/setup-opa

open-policy-agent/setup-opa

Sets up Open Policy Agent CLI in your GitHub Actions workflow.

6/10
josStorer/get-current-time

josStorer/get-current-time

This action sets the current ISO8601 time to the time output and also provides readableTime, formattedTime, and many more digital outputs like year, day, second, etc. Useful for setting build times in subsequent steps, renaming your artifact, or keeping the same recorded time for the entire workflow.

3/10