StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

equinor/action-checkstyle

equinor/action-checkstyle

Fork of the original action to run Checkstyle on your Java code.

7/10
cpcloud/numba-cuda/.github/actions/install_unix_deps

cpcloud/numba-cuda/.github/actions/install_unix_deps

The CUDA target for Numba

3/10
zeebe-io/backport-action

zeebe-io/backport-action

Fast and flexible GitHub action to cherry-pick merged pull requests to selected branches

6/10
step-security/pull-request-comment-trigger/__builder_checkout_dir__/.github/actions/privacy-check

step-security/pull-request-comment-trigger/__builder_checkout_dir__/.github/actions/privacy-check

A github action for detecting a "trigger" in a pull request description or comment. Secure drop-in replacement for Khan/pull-request-comment-trigger.

10/10
xarray-contrib/issue-from-pytest-log

xarray-contrib/issue-from-pytest-log

create issues from pytest-reportlog files

5/10
bazelbuild/continuous-integration/actions/bcr-pr-reviewer

bazelbuild/continuous-integration/actions/bcr-pr-reviewer

Bazel's Continuous Integration Setup

6/10
boneskull/gh-stack/.github/actions/claude-code-review

boneskull/gh-stack/.github/actions/claude-code-review

A GitHub CLI extension for managing stacked pull requests.

4/10
Maintained action available
coveord/snowpark-java-scala/jira/gajira-issue-update

coveord/snowpark-java-scala/jira/gajira-issue-update

Snowflake Snowpark Java & Scala API

4/10
gradle/actions/dependency-submission

gradle/actions/dependency-submission

A collection of GitHub Actions to accelerate your Gradle Builds on GitHub

7/10
sonarsource/release-github-actions/sonar-update-center-release

sonarsource/release-github-actions/sonar-update-center-release

A collection of reusable GitHub Actions to automate the analyzer release process. This toolbox offers modular automations to reduce manual work for squads, handling tasks like changelog generation, version bumps, and release publishing. These actions help teams focus on code quality by simplifying workflows.

5/10
Maintained action available
mitoma/sver-actions/exec

mitoma/sver-actions/exec

GitHub Actions for sver

5/10
Maintained action available
git-hub-chris/visualstudiocode/actions/locker

git-hub-chris/visualstudiocode/actions/locker

Microsoft Visual Studio Code.

6/10
wei/wget

wei/wget

Wraps the wget CLI to be used in Github Actions

3/10
viasat::Git-Viasat-Com-PoC::seceng-vionix-stepsecurity-poc-test/seceng-devsecops-platform/actions-download-artifact

viasat::Git-Viasat-Com-PoC::seceng-vionix-stepsecurity-poc-test/seceng-devsecops-platform/actions-download-artifact

Github Action from https://github.com/actions/download-artifact

1/10
Maintained action available
olympix/bugpocer-action

olympix/bugpocer-action

2/10
actions-security-demo/script-injection/.github/workflows/actions/changelog

actions-security-demo/script-injection/.github/workflows/actions/changelog

2/10
nvidia/nvrc/__builder_checkout_dir__/.github/actions/image

nvidia/nvrc/__builder_checkout_dir__/.github/actions/image

The NVRC project provides a Rust binary that implements a simple init system for microVMs.

5/10
Maintained action available
sersoft-gmbh/setup-gh-cli-action

sersoft-gmbh/setup-gh-cli-action

A GitHub action that installs or updates the gh CLI

5/10
Maintained action available
envoyproxy/toolshed/actions/docker/cache/prime

envoyproxy/toolshed/actions/docker/cache/prime

6/10
caffeelake/serenity/.github/actions/setup

caffeelake/serenity/.github/actions/setup

The Serenity Operating System ๐Ÿž

5/10