StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

distroless/actions/apko-build

distroless/actions/apko-build

GitHub actions for the chainguard-images

8/10
codespell-project/codespell-problem-matcher

codespell-project/codespell-problem-matcher

A problem matcher for codespell to annotate via GitHub actions

4/10
apache/infrastructure-actions/stash/save

apache/infrastructure-actions/stash/save

Apache infrastructure

5/10
Maintained action available
EPMatt/reviewdog-action-tsc

EPMatt/reviewdog-action-tsc

Run tsc with reviewdog :dog:

5/10
step-security/dynamodb-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/dynamodb-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Integrate Github Action with Amazon DynamoDB. Secure drop-in replacement for mooyoul/dynamodb-actions.

10/10
approved-3rd-party-actions/gotestfmt-action

approved-3rd-party-actions/gotestfmt-action

GitHub Action for gotestfmt

3/10
grafana/alloy/actions/backport

grafana/alloy/actions/backport

OpenTelemetry Collector distribution with programmable pipelines

7/10
reviewdog/action-nimlint

reviewdog/action-nimlint

Run nim check with reviewdog

3/10
step-security/action-semantic-pull-request/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/action-semantic-pull-request/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub Action that ensures that your PR title matches the Conventional Commits spec. Secure drop-in replacement for amannn/action-semantic-pull-request.

10/10
step-security/rust-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/rust-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

A GitHub Action that implements smart caching for rust/cargo projects. Secure drop-in replacement for Swatinem/rust-cache.

10/10
oxsecurity/megalinter

oxsecurity/megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

8/10
s-weigand/setup-conda

s-weigand/setup-conda

This action adds the `conda` command from the on the worker preinstalled miniconda version to the known shell commands.

4/10
tomhjp/gh-action-jira-search

tomhjp/gh-action-jira-search

GitHub Action to search for a specific Jira issue with JQL

3/10
Mercymeilya/last-workflow-status

Mercymeilya/last-workflow-status

4/10
Malcolmnixon/Setup-VSTest

Malcolmnixon/Setup-VSTest

Set up your GitHub Actions workflow to add VSTest.Console.exe into the PATH

2/10
micahstubbs/pr-reading-time

micahstubbs/pr-reading-time

GitHub Action that estimates and displays reading/review time for pull requests

3/10
atlassian/gajira-comment

atlassian/gajira-comment

3/10
Git-Hub-Chris/NumPy/.github/actions

Git-Hub-Chris/NumPy/.github/actions

Fundamental package for scientific computing with Python.

4/10
Maintained action available
crazy-max/.github/.github/actions/docker-scout

crazy-max/.github/.github/actions/docker-scout

4/10
Maintained action available
derberg/copy-files-to-other-repositories

derberg/copy-files-to-other-repositories

GitHub Action that introduces support for global workflows. Global workflows are the one you update in just one repo and they are automatically updated in other repositories.

3/10