StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

soumeh01/cmsis-actions/vcpkg

soumeh01/cmsis-actions/vcpkg

Custom GitHub actions to support MDK 6 / AVH CI workflows

3/10
elastic/apm-server/.github/workflows/generate-smoke-tests-list

elastic/apm-server/.github/workflows/generate-smoke-tests-list

8/10
docker/actions-toolkit/.github/actions/macos-setup-qemu

docker/actions-toolkit/.github/actions/macos-setup-qemu

Toolkit for Docker (GitHub) Actions

5/10
Maintained action available
cisagov/action-blacken-python2

cisagov/action-blacken-python2

6/10
pluralsh/chart-releaser

pluralsh/chart-releaser

4/10
wasmerio/setup-wasmer

wasmerio/setup-wasmer

GitHub action for setting up Wasmer

4/10
step-security/github-create-release-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/github-create-release-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

Create a GitHub release from a Tag. Secure drop-in replacement for Roang-zero1/github-create-release-action.

10/10
milhy545/coder/.github/actions/docs/images/banner-black.png

milhy545/coder/.github/actions/docs/images/banner-black.png

Secure environments for developers and their agents

4/10
rtcamp/action-slack-notify

rtcamp/action-slack-notify

GitHub Action for sending a notification to a Slack channel

6/10
ethereum-optimism/factory/actions/docker-setup

ethereum-optimism/factory/actions/docker-setup

Github CI workflows to build artifacts securely

6/10
subosito/flutter-action

subosito/flutter-action

Flutter environment for use in GitHub Actions. It works on Linux, Windows, and macOS.

7/10
damacus/publish-gem-to-github

damacus/publish-gem-to-github

GitHub action that builds gem and publishes it to GitHub Packages

4/10
hwine/setup-firefox

hwine/setup-firefox

Set up your GitHub Actions workflow with a specific version of firefox

3/10
martinthomson/i-d-template

martinthomson/i-d-template

A template for IETF internet draft git repositories

5/10
Maintained action available
step-security/setup-crate/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/setup-crate/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

📦 GitHub Action to install a Rust crate from a GitHub release. Secure drop-in replacement for extractions/setup-crate.

10/10
upbound/move-files-to-docs-folder

upbound/move-files-to-docs-folder

move-files-to-docs-folder

3/10
yogeshlonkar/trivy-cache-action

yogeshlonkar/trivy-cache-action

Cache .trivy directory

7/10
step-security/ghaction-github-runtime

step-security/ghaction-github-runtime

GitHub Action to expose GitHub runtime to the workflow. Secure drop-in replacement for crazy-max/ghaction-github-runtime.

10/10
Maintained by StepSecurity
NVIDIA/spark-rapids-common/markdown-link-check

NVIDIA/spark-rapids-common/markdown-link-check

Reusable GitHub Actions workflows and common scripts for Spark RAPIDS

4/10
suzuki-shunsuke/tfcmt

suzuki-shunsuke/tfcmt

tfcmt enhances mercari/tfnotify in many ways, including Terraform >= v0.15 support and advanced formatting options

4/10
Maintained action available