StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

actions/upload-release-asset

actions/upload-release-asset

An Action to upload a release asset via the GitHub Release API

6/10
peter-evans/dockerhub-description

peter-evans/dockerhub-description

A GitHub action to update a Docker Hub repository description from README.md

6/10
yonasBSD/turbo/.github/actions/setup-capnproto

yonasBSD/turbo/.github/actions/setup-capnproto

Incremental bundler and build system optimized for JavaScript and TypeScript, written in Rust.

5/10
Maintained action available
tbowman01/Soc-2-compliance

tbowman01/Soc-2-compliance

2/10
Dargon789/coinbase-smartcontracts/.github/actions/setup-node

Dargon789/coinbase-smartcontracts/.github/actions/setup-node

coinbase ethereum smartcontracts deploy dapp hardhat foundry remixproject & tenderly verify contract uniswap 1inch defi dex token

7/10
yonasBSD/slint/.github/actions/codesign

yonasBSD/slint/.github/actions/codesign

Slint is an open-source declarative GUI toolkit to build native user interfaces for Rust, C++, JavaScript, or Python apps.

2/10
bazel-contrib/setup-bazel

bazel-contrib/setup-bazel

GitHub Action to configure Bazel

6/10
grafana/grafana-github-actions-go/bump-release

grafana/grafana-github-actions-go/bump-release

Grafana GitHub Actions in Golang

3/10
pytorch/pytorch.github.io/test-infra/.github/actions/export-matrix-variables

pytorch/pytorch.github.io/test-infra/.github/actions/export-matrix-variables

The website for PyTorch

3/10
Maintained action available
NVIDIA/JAX-Toolbox/.github/actions/gke-xpk

NVIDIA/JAX-Toolbox/.github/actions/gke-xpk

JAX-Toolbox

6/10
Tsukimarf/docs/.github/actions/retry-command

Tsukimarf/docs/.github/actions/retry-command

The open-source repo for docs.github.com

4/10
Maintained action available
lcarva/review-rot-action/run

lcarva/review-rot-action/run

GitHub actions for review-rot

3/10
ministryofjustice/hmpps-community-payback-ui/.github/actions/slack_failure_notification

ministryofjustice/hmpps-community-payback-ui/.github/actions/slack_failure_notification

UI for community payback (bootstrapped 2025-08-15)

8/10
NVIDIA/kata-containers/.github/cargo-deny-composite-action

NVIDIA/kata-containers/.github/cargo-deny-composite-action

Kata containers is an implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.

2/10
suzuki-shunsuke/github-action-renovate-config-validator

suzuki-shunsuke/github-action-renovate-config-validator

GitHub Actions for renovate-config-validator

6/10
step-security/proof-html/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/proof-html/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

A GitHub Action to validate HTML, check links, and more ✅. Secure drop-in replacement for anishathalye/proof-html.

10/10
jasonn3/build-container-installer

jasonn3/build-container-installer

Creates an ISO for installing a container image as an OS

4/10
kritsanan1/attest-build-provenance

kritsanan1/attest-build-provenance

Action for generating build provenance attestations for workflow artifacts

2/10
step-security/runs-on-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/runs-on-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Shockingly faster GitHub Action cache with S3 backend. Secure drop-in replacement for runs-on/cache.

10/10
dsanders11/project-actions/copy-project

dsanders11/project-actions/copy-project

A collection of actions for automating GitHub projects

5/10
Maintained action available