StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

actionshub/chef-delivery

actionshub/chef-delivery

Repository for the chef-delivery-action Github Action

5/10
elastic/apm-agent-java/.github/workflows/stash

elastic/apm-agent-java/.github/workflows/stash

8/10
metamask/github-tools/.github/actions/create-release-pr

metamask/github-tools/.github/actions/create-release-pr

An assortment of tools interacting with the GitHub API to get metrics for things like PR review comments/reviews

5/10
Maintained action available
fortify/github-action/internal/fod-logout

fortify/github-action/internal/fod-logout

Fortify GitHub Actions

2/10
Maintained action available
tanker187/terraform/.github/actions/go-version

tanker187/terraform/.github/actions/go-version

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

3/10
seemethere/download-artifact-s3

seemethere/download-artifact-s3

2/10
estroz/rerun-actions

estroz/rerun-actions

A GitHub App that re-runs Action Workflows via PR comment commands.

3/10
docker/setup-qemu-action

docker/setup-qemu-action

GitHub Action to install QEMU static binaries

8/10
step-security/ansible-galaxy-action/__builder_checkout_dir__/.github/actions/wp-content

step-security/ansible-galaxy-action/__builder_checkout_dir__/.github/actions/wp-content

This Action will import ansible roles on galaxy-ng. Secure drop-in replacement for ansible-actions/ansible-galaxy-action.

10/10
op5dev/tf-via-pr

op5dev/tf-via-pr

Plan and apply Terraform/OpenTofu via PR automation, using best practices for secure and scalable IaC workflows.

7/10
mheap/github-action-required-labels

mheap/github-action-required-labels

Fail the build if/unless a certain combination of labels are applied to a pull request

4/10
nanasess/setup-chromedriver

nanasess/setup-chromedriver

ChromeDriver for use in GitHub Actions

5/10
Maintained action available
scribemd/docker-cache

scribemd/docker-cache

Cache Docker Images Whether Built or Pulled

3/10
peter-evans/create-issue-from-file

peter-evans/create-issue-from-file

A GitHub action to create an issue using content from a file

5/10
Maintained action available
coveo/ui-kit/.github/actions/setup-sfdx

coveo/ui-kit/.github/actions/setup-sfdx

Coveo UI kit repository, home of @coveo/headless, @coveo/atomic, and more.

4/10
Maintained action available
hashicorp/ghaction-import-gpg

hashicorp/ghaction-import-gpg

DEPRECATED - GitHub action to import GPG private key

5/10
mitchellh/vouch/action/manage-by-issue

mitchellh/vouch/action/manage-by-issue

A community trust management system based on explicit vouches to participate.

3/10
asana/push-signed-commits

asana/push-signed-commits

This composite Github Action uses the createCommitOnBranch GraphQL mutation to allow Github Apps to push 'Verified' commits to Github.

3/10
ministryofjustice/hmpps-delius-operational-automation/.github/actions/send-slack-notification

ministryofjustice/hmpps-delius-operational-automation/.github/actions/send-slack-notification

6/10
grafana/alloy/_shared-workflows-dockerhub-login/actions/get-vault-secrets

grafana/alloy/_shared-workflows-dockerhub-login/actions/get-vault-secrets

OpenTelemetry Collector distribution with programmable pipelines

6/10