StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

JulienKode/pull-request-name-linter-action

JulienKode/pull-request-name-linter-action

⚡️ Lint pull request name with commit lint. This is useful if you squash merge your pull requests ⚡️

3/10
Maintained action available
step-security/action-install-gh-release/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/action-install-gh-release/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub Action to install the Github Release binaries. Secure drop-in replacement for jaxxstorm/action-install-gh-release.

10/10
wagoid/commitlint-github-action

wagoid/commitlint-github-action

Lints Pull Request commits with commitlint

3/10
step-security/quarto-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

step-security/quarto-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

Secure drop-in replacement for quarto-dev/quarto-actions.

10/10
elastic/oblt-actions/oblt-cli/cluster-create-ccs

elastic/oblt-actions/oblt-cli/cluster-create-ccs

7/10
oxsecurity/megalinter/flavors/terraform

oxsecurity/megalinter/flavors/terraform

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

7/10
stackhawk/hawkscan-action

stackhawk/hawkscan-action

🦅 Run a StackHawk scan in GitHub Actions

4/10
seemethere/upload-artifact-s3

seemethere/upload-artifact-s3

3/10
frenck/action-addon-linter

frenck/action-addon-linter

🚀 Frenck's GitHub Action for linting Home Assistant Add-ons.

6/10
codecov/test-results-action

codecov/test-results-action

6/10
federacy/scan-action

federacy/scan-action

Github Action for security scanning utilizing Salus by Coinbase

2/10
step-security/setup-yq

step-security/setup-yq

Sets up YQ, yet-another-markup-language-query-er, for use in your Github Actions workflow. Secure drop-in replacement for chrisdickinson/setup-yq.

10/10
Maintained by StepSecurity
step-security/delete-untagged-ghcr-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/delete-untagged-ghcr-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

Action for delete containers from Github container registry. Secure drop-in replacement for Chizkiyahu/delete-untagged-ghcr-action.

10/10
grafana/plugin-ci-workflows/actions/internal/plugins/package

grafana/plugin-ci-workflows/actions/internal/plugins/package

Re-usable GitHub Actions workflows for building, testing, releasing and deploying plugins

7/10
OPENAI/codex/.github/actions/.github/codex-cli-splash.png

OPENAI/codex/.github/actions/.github/codex-cli-splash.png

Lightweight coding agent that runs in your terminal

5/10
Maintained action available
actions-security-demo/script-injection/.grafana-main/pkg/build/actions/bump-version

actions-security-demo/script-injection/.grafana-main/pkg/build/actions/bump-version

2/10
grafana/grafana/.github/actions/setup-grafana-bench

grafana/grafana/.github/actions/setup-grafana-bench

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

6/10
step-security/setup-applanga-cli/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/setup-applanga-cli/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Secure drop-in replacement for applanga/setup-applanga-cli.

10/10
koki-develop/hub-purge-action

koki-develop/hub-purge-action

🧹 Action to clear GitHub image caches.

2/10
mercari/actions-runner-controller/.github/actions/execute-assert-arc-e2e

mercari/actions-runner-controller/.github/actions/execute-assert-arc-e2e

Kubernetes controller for GitHub Actions self-hosted runners

3/10