Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

slsa-framework/slsa-github-generator/.github/actions/verify-token

slsa-framework/slsa-github-generator/.github/actions/verify-token

Language-agnostic SLSA provenance generation for Github Actions

5/10
Codesee-io/codesee-action

Codesee-io/codesee-action

3/10
snapshift/action-check-typescript

snapshift/action-check-typescript

2/10
dtolnay/install

dtolnay/install

Fast `cargo install` action using a GitHub-based binary cache

5/10
rematocorp/open-pull-request-action

rematocorp/open-pull-request-action

GitHub action for automatically creating a pull request

3/10
winterjung/split

winterjung/split

GitHub action to split string

3/10
pypa/gh-action-pip-audit

pypa/gh-action-pip-audit

A GitHub Action for pip-audit

5/10
peter-murray/terragrunt-github-action

peter-murray/terragrunt-github-action

GitHub action for setting up Terragrunt https://terragrunt.gruntwork.io

2/10
salsa-rs/salsa

salsa-rs/salsa

A generic framework for on-demand, incrementalized computation. Inspired by adapton, glimmer, and rustc's query system.

6/10
jidicula/go-fuzz-action

jidicula/go-fuzz-action

GitHub Action for Go 1.18 fuzz testing

4/10
coverallsapp/github-action

coverallsapp/github-action

Coveralls Github Action

6/10
hashicorp/tfc-workflows-github/actions/plan-output

hashicorp/tfc-workflows-github/actions/plan-output

HCP Terraform starter workflows and github actions to automate Terraform Cloud CI/CD pipelines.

7/10
jlandowner/helm-chartsnap-action

jlandowner/helm-chartsnap-action

GitHub Action to do Continuous Snapshot Testing for Helm chart in your CI

3/10
BellCubeDev/update-package-version-by-release-tag

BellCubeDev/update-package-version-by-release-tag

GitHub Action to update an NPM package's version in the checked out version of a project using the release tag. Supports a v prefix.

2/10
runs-on/cache/save

runs-on/cache/save

Shockingly faster GitHub Action cache with S3 backend

3/10
s4u/maven-settings-action

s4u/maven-settings-action

This action setup maven settings.xml

7/10
tenable/terrascan-action

tenable/terrascan-action

Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practices.

7/10
chronograph-pe/get-changed-files

chronograph-pe/get-changed-files

Get all of the files changed/modified in a pull request or push's commits.

2/10
yumemi-inc/changed-files

yumemi-inc/changed-files

A GitHub Action that outputs a list of changed files in pull requests and commits.

4/10
gradle/gradle-build-action

gradle/gradle-build-action

Execute your Gradle build and trigger dependency submission

7/10