StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/gradle-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/gradle-actions/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

A collection of GitHub Actions to accelerate your Gradle Builds on GitHub. Secure drop-in replacement for gradle/actions.

10/10
step-security/r-lib-actions/setup-pandoc

step-security/r-lib-actions/setup-pandoc

GitHub Actions for the R community. Secure drop-in replacement for r-lib/actions.

8/10
Maintained by StepSecurity
step-security/create-or-update-comment

step-security/create-or-update-comment

A GitHub action to create or update an issue or pull request comment. Secure drop-in replacement for peter-evans/create-or-update-comment.

10/10
Maintained by StepSecurity
slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml

slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml

Language-agnostic SLSA provenance generation for Github Actions

5/10
pytorch/vision/test-infra/.github/actions/calculate-docker-image

pytorch/vision/test-infra/.github/actions/calculate-docker-image

Datasets, Transforms and Models specific to Computer Vision

4/10
Maintained action available
harden-runner-canary/docker-action-k8s

harden-runner-canary/docker-action-k8s

2/10
pytorch/tensordict/test-infra/.github/actions/teardown-linux

pytorch/tensordict/test-infra/.github/actions/teardown-linux

TensorDict is a pytorch dedicated tensor container.

4/10
Maintained action available
actions-security-demo/script-injection/.github/actions/setup-enterprise

actions-security-demo/script-injection/.github/actions/setup-enterprise

2/10
grafana/tns/_shared-workflows-dockerhub-login/actions/get-vault-secrets

grafana/tns/_shared-workflows-dockerhub-login/actions/get-vault-secrets

Observability Demo App

4/10
pypa/gh-action-pypi-publish

pypa/gh-action-pypi-publish

The blessed :octocat: GitHub Action, for publishing your :package: distribution files to PyPI, the tokenless way: https://github.com/marketplace/actions/pypi-publish

8/10
shivammathur/cache-extensions

shivammathur/cache-extensions

:package: Cache PHP extensions in GitHub Actions

6/10
step-security/background-action

step-security/background-action

Background commands with log tailing/capture; waits until file/port/socket/http are ready to proceed. Isolates/dedupe errors. Secure drop-in replacement for JarvusInnovations/background-action.

10/10
Maintained by StepSecurity
edera-dev/falco_plugin/.github/actions/install-llvm

edera-dev/falco_plugin/.github/actions/install-llvm

A Falco plugin for forwarding low-level events (syscalls, etc) out of Edera zones.

5/10
step-security/jest-coverage-report-action

step-security/jest-coverage-report-action

Track your code coverage in every pull request. Secure drop-in replacement for ArtiomTr/jest-coverage-report-action.

9/10
Maintained by StepSecurity
CordEngine/.github/actions/qa

CordEngine/.github/actions/qa

7/10
step-security/auto-assign-issue/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/auto-assign-issue/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub Action that auto-assigns issues or PRs to one or more users. Secure drop-in replacement for pozil/auto-assign-issue.

10/10
gofrolist/molecule-action

gofrolist/molecule-action

GitHub Action for running molecule as part of your workflows!

5/10
Maintained action available
asdf-vm/actions/setup

asdf-vm/actions/setup

GitHub Actions for the asdf version manager

6/10
ministryofjustice/hmpps-probation-integration-services/.github/actions/merge-changes

ministryofjustice/hmpps-probation-integration-services/.github/actions/merge-changes

A collection of small, domain-focused integrations to support HMPPS Digital services that need to interact with probation data.

8/10
grafana/plugin-actions/create-plugin-update

grafana/plugin-actions/create-plugin-update

6/10