StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

microsoft/DevSkim-Action

microsoft/DevSkim-Action

The GitHub Action for DevSkim

7/10
requarks/changelog-action

requarks/changelog-action

GitHub Action to generate changelog from conventional commits

3/10
philips-software/sbom-tool-installer-action

philips-software/sbom-tool-installer-action

GitHub Action that installs and sets up the Microsoft SBOM Tool.

3/10
chromaui/action-next

chromaui/action-next

Next version of chromaui/action (this repository is publish only)

4/10
regclient/actions/fill

regclient/actions/fill

7/10
yonasBSD/iggy/.github/actions/python-maturin/pre-merge

yonasBSD/iggy/.github/actions/python-maturin/pre-merge

Iggy is the persistent message streaming platform written in Rust, supporting QUIC, TCP and HTTP transport protocols, capable of processing millions of messages per second.

3/10
Maintained action available
taiki-e/cache-cargo-install-action

taiki-e/cache-cargo-install-action

GitHub Action for `cargo install` with cache.

8/10
grafana/k6-DefinitelyTyped/.github/actions/setup-for-scripts

grafana/k6-DefinitelyTyped/.github/actions/setup-for-scripts

The repository for high quality TypeScript type definitions.

5/10
Maintained action available
step-security/setup-maven/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/setup-maven/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

Set up your GitHub Actions workflow with a specific version of Apache Maven. Secure drop-in replacement for stCarolas/setup-maven.

10/10
opcr-io/policy-tag-action

opcr-io/policy-tag-action

policy-tag-action

3/10
TLMSLLC/chainlink/.github/actions/setup-solana

TLMSLLC/chainlink/.github/actions/setup-solana

node of the decentralized oracle network, bridging on and off-chain computation

2/10
Codesee-io/codesee-detect-languages-action

Codesee-io/codesee-detect-languages-action

3/10
grafana/grafana/_shared-workflows-dockerhub-login/actions/get-vault-secrets

grafana/grafana/_shared-workflows-dockerhub-login/actions/get-vault-secrets

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

4/10
Maintained action available
step-security/s3-actions-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/s3-actions-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Cache to S3 storage with official actions/cache@v2 fallback. Secure drop-in replacement for tespkg/actions-cache.

9/10
hpcodecraft/action-deploy-workspace-to-repo

hpcodecraft/action-deploy-workspace-to-repo

Github action to copy files generated during a workflow run to an external repository

2/10
xTVaser/first-interaction

xTVaser/first-interaction

An action for filtering pull requests and issues from first-time contributors

3/10
Gr1N/setup-poetry

Gr1N/setup-poetry

Set up your GitHub Actions workflow with a specific version of Poetry

4/10
pravipati-sandbox/codeql-action/analyze

pravipati-sandbox/codeql-action/analyze

Actions for running CodeQL analysis

2/10
ljharb/actions/vlt/install

ljharb/actions/vlt/install

GitHub actions I use for CI.

4/10
slsa-framework/github-actions-demo

slsa-framework/github-actions-demo

Proof-of-concept SLSA provenance generator for GitHub Actions

3/10