StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

onbjerg/foundry-toolchain

onbjerg/foundry-toolchain

GitHub action to install Foundry

8/10
openzeppelin/tron-contracts/.github/actions/setup

openzeppelin/tron-contracts/.github/actions/setup

3/10
envoyproxy/toolshed/gh-actions/gpg/import

envoyproxy/toolshed/gh-actions/gpg/import

6/10
sh-cho/cloudflare-docs/.github/actions/assign-pr

sh-cho/cloudflare-docs/.github/actions/assign-pr

Cloudflare’s documentation

0/10
step-security/semver-utils/__builder_checkout_dir__/.github/actions/privacy-check

step-security/semver-utils/__builder_checkout_dir__/.github/actions/privacy-check

One-stop shop for working with semantic versions in your GitHub Actions workflows. Secure drop-in replacement for madhead/semver-utils.

10/10
distroless/actions/vul-scans

distroless/actions/vul-scans

GitHub actions for the chainguard-images

8/10
loopwerk/tag-changelog

loopwerk/tag-changelog

Automatically generate a changelog since the last tag, using the conventional commit format

2/10
fabricmc/fabric-action-scripts

fabricmc/fabric-action-scripts

A collection of custom scripts used by Fabric's Github action workflows

2/10
viasat::Git-Viasat-Com-PoC::seceng-vionix-stepsecurity-poc-test/viarise/checkout

viasat::Git-Viasat-Com-PoC::seceng-vionix-stepsecurity-poc-test/viarise/checkout

Fork of upstream: https://github.com/actions/checkout

1/10
Maintained action available
gittools/actions/gitversion/execute

gittools/actions/gitversion/execute

GitHub Action that installs and uses the GitVersion and GitReleaseManager tools

7/10
ory/ci/licenses/setup

ory/ci/licenses/setup

Automation and robots for Ory's CI and CD pipelines

4/10
regclient/actions/regctl-installer

regclient/actions/regctl-installer

7/10
anz-bank/sysl-go-demo/.github/action/github-tag-action

anz-bank/sysl-go-demo/.github/action/github-tag-action

Demo Application built using Sysl-Go. Serves as a platform for showcasing Sysl-Go features.

2/10
project-tick/project-tick/.github/actions/meshmc/setup-dependencies/windows

project-tick/project-tick/.github/actions/meshmc/setup-dependencies/windows

Project Tick is a project dedicated to providing developers with ease of use and users with long-lasting software. SoT: https://git.projecttick.org/project-tick

5/10
devantler-tech/ksail/.github/actions/free-disk-space

devantler-tech/ksail/.github/actions/free-disk-space

All-in-one Kubernetes SDK: create, manage, and operate clusters across distributions (Kind, K3d, Talos, VCluster) with built-in GitOps, secrets, AI assistant, and MCP server. Only requires Docker or a Cloud Provider.

3/10
Maintained action available
gregziegan/fetch-latest-release

gregziegan/fetch-latest-release

A tiny GitHub action to fetch the latest GitHub release for a given repository

3/10
step-security/docker-swiftlint/.github/actions/configure-docker-containerd-image-store

step-security/docker-swiftlint/.github/actions/configure-docker-containerd-image-store

Docker image of SwiftLint on ubuntu

10/10
grafana/grafana-iot-twinmaker-app/actions/commands

grafana/grafana-iot-twinmaker-app/actions/commands

AWS IoT TwinMaker Application Plugin for Grafana

7/10
nosense588/spring-boot/.github/actions/publish-gradle-plugin

nosense588/spring-boot/.github/actions/publish-gradle-plugin

Spring Boot helps you to create Spring-powered, production-grade applications and services with absolute minimum fuss.

2/10
tex-live/setup-texlive-action

tex-live/setup-texlive-action

A GitHub Action to set up TeX Live

3/10
Maintained action available