StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/github-create-release-action/__builder_checkout_dir__/.github/actions/privacy-check

step-security/github-create-release-action/__builder_checkout_dir__/.github/actions/privacy-check

Create a GitHub release from a Tag. Secure drop-in replacement for Roang-zero1/github-create-release-action.

10/10
mercurytechnologies/delete-cancelled-runs

mercurytechnologies/delete-cancelled-runs

Deletes cancelled runs for a given workflow

3/10
slsa-framework/source-actions/slsa_with_provenance

slsa-framework/source-actions/slsa_with_provenance

Stores the GitHub Actions used by the SLSA Source Tool

5/10
Maintained action available
pytorch/multipy/test-infra/.github/actions/pull-docker-image

pytorch/multipy/test-infra/.github/actions/pull-docker-image

torch::deploy (multipy for non-torch uses) is a system that lets you get around the GIL problem by running multiple Python interpreters in a single C++ process.

1/10
pavelzw/pytest-action

pavelzw/pytest-action

:octocat: GitHub Action to run pytest with GitHub Job Summaries support :snake: :rocket:

5/10
yonasbsd/mask/.github/actions/attach-release-assets

yonasbsd/mask/.github/actions/attach-release-assets

๐ŸŽญ A CLI task runner defined by a simple markdown file

3/10
rstackjs/rstack-ecosystem-ci/.github/actions/ecosystem_ci_per_commit

rstackjs/rstack-ecosystem-ci/.github/actions/ecosystem_ci_per_commit

Rstack Ecosystem CI

4/10
Maintained action available
imjasonh/gke-auth

imjasonh/gke-auth

K8s cred helper and setup without gcloud

4/10
Maintained action available
ministryofjustice/laa-court-data-ui/.github/actions/delete-dev-release

ministryofjustice/laa-court-data-ui/.github/actions/delete-dev-release

"View court data" webapp for viewing data from HMCTS's "Common Platform"

7/10
chainguard-dev/actions/donotsubmit

chainguard-dev/actions/donotsubmit

A collection of reusable Github Actions workflows.

8/10
magicproduct/packer-plugin-googlecompute/integration-release-action

magicproduct/packer-plugin-googlecompute/integration-release-action

Packer plugin for Google Compute Builder

3/10
pytooling/actions/releaser

pytooling/actions/releaser

Reusable steps and workflows for GitHub Actions

2/10
Maintained action available
appimagecrafters/build-appimage

appimagecrafters/build-appimage

GitHub Action for producing AppImages

3/10
step-security/docs-as-code-confluence/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/docs-as-code-confluence/__builder_checkout_dir__/.github/actions/secure-download-artifact

Publish the content of a folder to confluence Github Action. Secure drop-in replacement for Bhacaz/docs-as-code-confluence.

10/10
zacjw/markdown-html-action

zacjw/markdown-html-action

3/10
celo-org/viem/.github/actions/setup-wagmi

celo-org/viem/.github/actions/setup-wagmi

TypeScript Interface for Ethereum

2/10
nugine/setup-flatc

nugine/setup-flatc

Setup flatc for use in actions

5/10
nvidia/nemoclaw/.trusted-ci-actions/.github/actions/ci-static-checks

nvidia/nemoclaw/.trusted-ci-actions/.github/actions/ci-static-checks

Run agents like Hermes and OpenClaw more securely inside NVIDIA OpenShell with managed inference

4/10
samsung/credsweeper

samsung/credsweeper

CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as token, passwords, api keys etc.) in advance. By scanning lines, filtering, and using AI model as option, CredSweeper reports lines with possible credentials, where the line is, and expected type o

7/10
adrise/local-cache

adrise/local-cache

This action allows caching dependencies and build outputs to improve workflow execution time on self hosted machine.

2/10