StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

koj-co/release-scheduler

koj-co/release-scheduler

🚂 Schedule a weekly or monthly Semantic Release

3/10
dsanders11/project-actions/add-item

dsanders11/project-actions/add-item

A collection of actions for automating GitHub projects

4/10
Maintained action available
rubenesp87/semver-validation-action

rubenesp87/semver-validation-action

SEMVER validation Github Action

3/10
anmol098/waka-readme-stats

anmol098/waka-readme-stats

This GitHub action helps to add cool dev metrics to your github profile Readme

7/10
graycoreio/github-actions-magento2/get-magento-version

graycoreio/github-actions-magento2/get-magento-version

Github Actions and Workflows that make maintaining Magento2 projects and modules easier.

3/10
Maintained action available
lfreleng-actions/maven-build-action

lfreleng-actions/maven-build-action

Action to build Maven projects

4/10
Maintained action available
nam20485/docs-1/.github/actions/clone-translations

nam20485/docs-1/.github/actions/clone-translations

The open-source repo for docs.github.com

0/10
sgammon/verify-hashes

sgammon/verify-hashes

Library, CLI, and GitHub Action for verifying hashes

4/10
asymmetric-research/clusterfuzz-fuzzbot-builder/assets/brand/step-security-icon.svg

asymmetric-research/clusterfuzz-fuzzbot-builder/assets/brand/step-security-icon.svg

Build environment matching a FuzzBot running Ubuntu 22.04

2/10
udoprog/kick

udoprog/kick

The omnibus project management tool

3/10
Maintained action available
TimSchoenle/gradle-jextract/.github/actions/setup-base-environment

TimSchoenle/gradle-jextract/.github/actions/setup-base-environment

A Gradle plugin that automates the download and execution of jextract to generate Java Foreign Function & Memory (FFM) API bindings from C header files with bundled library loading support.

4/10
step-security/test-summary-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/test-summary-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Show a helpful summary of test results in GitHub Actions CI/CD workflow runs. Secure drop-in replacement for test-summary/action.

10/10
yonasBSD/trilium/.github/actions/deploy-to-cloudflare-pages

yonasBSD/trilium/.github/actions/deploy-to-cloudflare-pages

Build your personal knowledge base with Trilium Notes

4/10
Maintained action available
ZscalerCWP/Zscaler-IaC-Action

ZscalerCWP/Zscaler-IaC-Action

1/10
step-security/sticky-pull-request-comment

step-security/sticky-pull-request-comment

Create comment on pull request, if exists update that comment. Secure drop-in replacement for marocchino/sticky-pull-request-comment.

9/10
Maintained by StepSecurity
42Crunch/api-security-audit-action

42Crunch/api-security-audit-action

4/10
slsa-framework/slsa-github-generator/actions/delegator/setup-generic

slsa-framework/slsa-github-generator/actions/delegator/setup-generic

Language-agnostic SLSA provenance generation for Github Actions

4/10
NVIDIA-RTX/godot/.github/actions/godot-build

NVIDIA-RTX/godot/.github/actions/godot-build

NVIDIA fork of Godot Engine – Multi-platform 2D and 3D game engine

2/10
step-security/actions-comment-pull-request/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/actions-comment-pull-request/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub action to comment pull request. Secure drop-in replacement for thollander/actions-comment-pull-request.

10/10
timheuer/base64-to-file

timheuer/base64-to-file

Take a base64 string and decodes to a file for use in arguments in later actions.

3/10