StepSecurity Logo
Community Tier
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

buildjet/setup-go

buildjet/setup-go

Set up your GitHub Actions workflow with a specific version of Go

2/10
bridgecrewio/checkov-action

bridgecrewio/checkov-action

This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

7/10
tj-actions/install-postgresql

tj-actions/install-postgresql

:octocat: Github action to install PostgreSQL

4/10
nixbuild/nix-quick-install-action

nixbuild/nix-quick-install-action

5/10
envoyproxy/toolshed/gh-actions/email/validate

envoyproxy/toolshed/gh-actions/email/validate

6/10
khulnasoft-lab/setup-env-github-action

khulnasoft-lab/setup-env-github-action

5/10
elastic/oblt-actions/github/comment-reaction

elastic/oblt-actions/github/comment-reaction

7/10
stefanprodan/helm-gh-pages

stefanprodan/helm-gh-pages

A GitHub Action for publishing Helm charts to Github Pages

5/10
Gen-OS/androidx/.github/actions/build-single-project

Gen-OS/androidx/.github/actions/build-single-project

Development environment for Android Jetpack extension libraries under the androidx namespace. Synchronized with Android Jetpack's primary development branch on AOSP.

2/10
ouzi-dev/commit-status-updater

ouzi-dev/commit-status-updater

GitHub Action for updating the Commit Status with a state and a context

2/10
volta-cli/action

volta-cli/action

GitHub Action to Setup Volta

3/10
deepcode-ai/cal.com/.github/actions/yarn-install

deepcode-ai/cal.com/.github/actions/yarn-install

Scheduling infrastructure for absolutely everyone.

4/10
step-security/repo-file-sync-action

step-security/repo-file-sync-action

🔄 GitHub Action to keep files like Action workflows or entire directories in sync between multiple repositories. Secure drop-in replacement for BetaHuhn/repo-file-sync-action.

10/10
Maintained by StepSecurity
grafana/shared-workflows/actions/generate-openapi-clients

grafana/shared-workflows/actions/generate-openapi-clients

A public-facing, centralized place to store reusable workflows used by Grafana Labs.

7/10
13rac1/block-fixup-merge-action

13rac1/block-fixup-merge-action

Github Action to block merge of Pull Requests containing fixup! or squash! commits

4/10
skx/github-action-publish-binaries

skx/github-action-publish-binaries

Publish binaries when new releases are made.

3/10
grafana/shared-workflows/actions/remove-checkout-credentials

grafana/shared-workflows/actions/remove-checkout-credentials

A public-facing, centralized place to store reusable workflows used by Grafana Labs.

7/10
cuchi/jinja2-action

cuchi/jinja2-action

Use the Jinja2 template engine as a GitHub action

2/10
zaproxy/action-af

zaproxy/action-af

A GitHub Action for running ZAP Automation Framework plans

4/10
actionutils/create-release-pr/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

actionutils/create-release-pr/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

WIP

2/10