StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

githubsecuritylab/actions-permissions/advisor

githubsecuritylab/actions-permissions/advisor

GitHub token permissions Monitor and Advisor actions

3/10
bazel-contrib/setup-bazel

bazel-contrib/setup-bazel

GitHub Action to configure Bazel

5/10
Maintained action available
microsoft/devskim-action

microsoft/devskim-action

The GitHub Action for DevSkim

7/10
datadog/integrations-core/core-temp/.github/actions/setup-test-target-scripts

datadog/integrations-core/core-temp/.github/actions/setup-test-target-scripts

Core integrations of the Datadog Agent

4/10
Maintained action available
nv-gha-runners/cuda-python/.github/actions/install_unix_deps

nv-gha-runners/cuda-python/.github/actions/install_unix_deps

CUDA Python: Performance meets Productivity

4/10
grafana/grafana-github-actions-go/bump-release

grafana/grafana-github-actions-go/bump-release

Grafana GitHub Actions in Golang

3/10
pytorch/pytorch.github.io/test-infra/.github/actions/export-matrix-variables

pytorch/pytorch.github.io/test-infra/.github/actions/export-matrix-variables

The website for PyTorch

3/10
Maintained action available
domblack/github-release

domblack/github-release

Github Action to create, update, or add files to Github Releases

3/10
lcarva/review-rot-action/run

lcarva/review-rot-action/run

GitHub actions for review-rot

3/10
ministryofjustice/hmpps-community-payback-ui/.github/actions/slack_failure_notification

ministryofjustice/hmpps-community-payback-ui/.github/actions/slack_failure_notification

UI for community payback (bootstrapped 2025-08-15)

7/10
suzuki-shunsuke/github-action-renovate-config-validator

suzuki-shunsuke/github-action-renovate-config-validator

GitHub Actions for renovate-config-validator

6/10
jasonn3/build-container-installer

jasonn3/build-container-installer

Creates an ISO for installing a container image as an OS

5/10
kritsanan1/attest-build-provenance

kritsanan1/attest-build-provenance

Action for generating build provenance attestations for workflow artifacts

2/10
dsanders11/project-actions/copy-project

dsanders11/project-actions/copy-project

A collection of actions for automating GitHub projects

5/10
Maintained action available
sailpoint-oss/github-spectral-action

sailpoint-oss/github-spectral-action

A Github Action that will take in the changed files from a pull request and create a error report as a comment on the PR.

2/10
step-security/create-or-update-comment/__builder_checkout_dir__/.github/actions/privacy-check

step-security/create-or-update-comment/__builder_checkout_dir__/.github/actions/privacy-check

A GitHub action to create or update an issue or pull request comment. Secure drop-in replacement for peter-evans/create-or-update-comment.

9/10
bridgecrewio/bridgecrew-action

bridgecrewio/bridgecrew-action

This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

3/10
superfly/flyctl-actions

superfly/flyctl-actions

:octocat: GitHub Action that wraps the flyctl

4/10
aabed/slack-file-upload-action

aabed/slack-file-upload-action

This action uploads file to slack

0/10
port-labs/ocean-sail

port-labs/ocean-sail

3/10