StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

envoyproxy/toolshed/gh-actions/github/command

envoyproxy/toolshed/gh-actions/github/command

6/10
step-security/background-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/background-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

Background commands with log tailing/capture; waits until file/port/socket/http are ready to proceed. Isolates/dedupe errors. Secure drop-in replacement for JarvusInnovations/background-action.

10/10
chikin-4x/action-has-permission

chikin-4x/action-has-permission

GitHub Action to check access permissions of current user

2/10
mdgreenwald/mozilla-sops-action

mdgreenwald/mozilla-sops-action

GitHub Action for installing Sops

7/10
step-security/actions/setup-knative

step-security/actions/setup-knative

A collection of reusable Github Actions workflows.

7/10
brennhill/sloppy-joe

brennhill/sloppy-joe

Shields against supply-chain, slopsquatting, and typosquatting attacks from dependencies and code.

2/10
ministryofjustice/hmpps-probation-integration-services/.github/actions/setup-gradle

ministryofjustice/hmpps-probation-integration-services/.github/actions/setup-gradle

A collection of small, domain-focused integrations to support HMPPS Digital services that need to interact with probation data.

8/10
use-tusk/test-runner

use-tusk/test-runner

Run Tusk-generated tests via a GitHub Action runner

3/10
nvidia/tensorrt-incubator/.github/.tmp/.generated-actions/run-pypi-publish-in-docker-container

nvidia/tensorrt-incubator/.github/.tmp/.generated-actions/run-pypi-publish-in-docker-container

Experimental projects related to TensorRT

3/10
Maintained action available
plbstl/first-contribution

plbstl/first-contribution

Automatically welcome first-time contributors on issues and pull requests

5/10
Maintained action available
tbxark/docker-action

tbxark/docker-action

GitHub Action to build and push Docker images with Buildx

3/10
cardinalby/export-env-action

cardinalby/export-env-action

GitHub Action that exports .env file variables to job env

3/10
jj/pull-request-checks-action

jj/pull-request-checks-action

Returns an array of checked slots in the body of the pull request.

2/10
devantler-tech/ksail/.github/actions/ksail-test-workload-watch

devantler-tech/ksail/.github/actions/ksail-test-workload-watch

All-in-one Kubernetes SDK: create, manage, and operate clusters across distributions (Kind, K3d, Talos, VCluster) with built-in GitOps, secrets, AI assistant, and MCP server. Only requires Docker or a Cloud Provider.

3/10
Maintained action available
ministryofjustice/opg-github-actions/actions/test-env

ministryofjustice/opg-github-actions/actions/test-env

OPG shared GitHub composite actions for workflows.: Managed by opg-org-infra & Terraform

6/10
actions-security-demo/pytorch/.github/actions/diskspace-cleanup

actions-security-demo/pytorch/.github/actions/diskspace-cleanup

Tensors and Dynamic neural networks in Python with strong GPU acceleration

2/10
sonarsource/gh-action_release/main

sonarsource/gh-action_release/main

7/10
simple-icons/labeler

simple-icons/labeler

An action for automatically labelling pull requests

5/10
zulip/github-actions-zulip/public-layout.tsx

zulip/github-actions-zulip/public-layout.tsx

A collection of GitHub Actions to interact with Zulip.

5/10
Maintained action available
dargon789/hardhat/.github/actions/setup-node

dargon789/hardhat/.github/actions/setup-node

Hardhat is a development environment to compile, deploy, test, and debug your Ethereum software.

4/10
Maintained action available