StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/ghaction-import-gpg/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/ghaction-import-gpg/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub Action to import a GPG key. Secure drop-in replacement for crazy-max/ghaction-import-gpg.

10/10
approved-3rd-party-actions/branch-protection

approved-3rd-party-actions/branch-protection

0/10
step-security/ssh-agent/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/ssh-agent/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub Action to setup `ssh-agent` with a private key. Secure drop-in replacement for webfactory/ssh-agent.

10/10
step-security/runs-on-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/runs-on-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

Shockingly faster GitHub Action cache with S3 backend. Secure drop-in replacement for runs-on/cache.

10/10
shivammathur/setup-php

shivammathur/setup-php

GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.

9/10
approved-3rd-party-actions/action-get-release

approved-3rd-party-actions/action-get-release

Get a Github release

2/10
chronograph-pe/build-push-action

chronograph-pe/build-push-action

GitHub Action to build and push Docker images with Buildx

3/10
grafana/shared-workflows/actions/go-flaky-tests

grafana/shared-workflows/actions/go-flaky-tests

A public-facing, centralized place to store reusable workflows used by Grafana Labs.

7/10
GuillaumeFalourd/wait-sleep-action

GuillaumeFalourd/wait-sleep-action

Github actions to wait / sleep during a workflow execution ⏱

3/10
sergeysova/jq-action

sergeysova/jq-action

This lets you do jq operations in GitHub Actions.

4/10
int128/create-ecr-repository-action

int128/create-ecr-repository-action

Action to create Amazon ECR or ECR Public repository and put lifecycle policy

5/10
Maintained action available
bit-tasks/init

bit-tasks/init

Initialize Bit task for CI/CD

0/10
mshick/add-pr-comment

mshick/add-pr-comment

uses: mshick/add-pr-comment@v2

4/10
expo/expo-github-action

expo/expo-github-action

Expo GitHub Action makes it easy to automate EAS builds or updates

5/10
tfsec/tfsec-sarif-action

tfsec/tfsec-sarif-action

4/10
micronaut-projects/github-actions/graalvm/build

micronaut-projects/github-actions/graalvm/build

2/10
Maintained action available
grafana/writers-toolkit/publish-technical-documentation

grafana/writers-toolkit/publish-technical-documentation

Technical documentation guidelines for Grafana Labs documentation

7/10
rockem/create-opsgenie-alert-action

rockem/create-opsgenie-alert-action

GiHub action for creating new alert in OpsGenie

4/10
taiki-e/checkout-action

taiki-e/checkout-action

GitHub Action for checking out a repository. (Simplified actions/checkout alternative that does not depend on Node.js.)

7/10
obrassard/action-sharepoint-publish

obrassard/action-sharepoint-publish

Github Action that create an archive of a repository and upload it to a Sharepoint library

2/10