StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/sbom-action/image

step-security/sbom-action/image

GitHub Action for creating software bill of materials using Syft. Secure drop-in replacement for anchore/sbom-action.

10/10
advanced-security/codeql-development-toolkit/.github/actions/install-qlt

advanced-security/codeql-development-toolkit/.github/actions/install-qlt

The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.

7/10
andife/openvino/.github/actions/smart-ci

andife/openvino/.github/actions/smart-ci

OpenVINOβ„’ is an open source toolkit for optimizing and deploying AI inference

3/10
jonasalfredsson/checkout-qemu-buildx

jonasalfredsson/checkout-qemu-buildx

GitHub Action which checkout the repository and configures QEMU and Docker Builx for all available architectures.

5/10
philips-software/amp-devcontainer/.github/actions/container-size-diff

philips-software/amp-devcontainer/.github/actions/container-size-diff

πŸ”‹amp-devcontainer is a batteries-included devcontainer useable for modern software development

7/10
step-security/dsanders11-project-actions/github-script

step-security/dsanders11-project-actions/github-script

A collection of actions for automating GitHub projects. Secure drop-in replacement for dsanders11/project-actions.

10/10
Maintained by StepSecurity
grafana/grafana-cloudwatch-datasource/actions/commands

grafana/grafana-cloudwatch-datasource/actions/commands

Grafana CloudWatch Datasource plugin

7/10
step-security/create-or-update-pull-request-action

step-security/create-or-update-pull-request-action

A GitHub Action to create or update a pull request based on local changes. Secure drop-in replacement for gr2m/create-or-update-pull-request-action.

10/10
Maintained by StepSecurity
step-security/openapitools-generator-action/__builder_checkout_dir__/.github/actions/privacy-check

step-security/openapitools-generator-action/__builder_checkout_dir__/.github/actions/privacy-check

Generate a client library using the OpenAPITools Generator. Secure drop-in replacement for openapi-generators/openapitools-generator-action.

10/10
jonathancombs782/aspire/.github/actions/check-changed-files

jonathancombs782/aspire/.github/actions/check-changed-files

Aspire is the tool for code-first, extensible, observable dev and deploy.

3/10
sredevopsorg/ghost-on-kubernetes/.github/actions/set-ghost-version

sredevopsorg/ghost-on-kubernetes/.github/actions/set-ghost-version

Ghost on Kubernetes by SREDevOps.org - Deploy Ghost v6 on Kubernetes (k8s, k3s, etc) with our hardened distroless rootless custom image.

8/10
anysphere/bugbot-context

anysphere/bugbot-context

2/10
cloudposse/github-action-yaml-config-query

cloudposse/github-action-yaml-config-query

Define YAML document, filter it with JSON query and get result as outputs

5/10
yonasbsd/buck2/.github/actions/build_debug

yonasbsd/buck2/.github/actions/build_debug

Build system, successor to Buck

3/10
Maintained action available
gliech/create-github-secret-action

gliech/create-github-secret-action

Github Action that can create or update secrets in the GitHub Actions API

2/10
yonasbsd/ghost/.github/actions/load-docker-image

yonasbsd/ghost/.github/actions/load-docker-image

Independent technology for modern publishing, memberships, subscriptions and newsletters.

5/10
Maintained action available
devsectop/tf-via-pr

devsectop/tf-via-pr

Plan and apply Terraform/OpenTofu via PR automation, using best practices for secure and scalable IaC workflows.

7/10
step-security/gitleaks-action/__builder_checkout_dir__/.github/actions/privacy-check

step-security/gitleaks-action/__builder_checkout_dir__/.github/actions/privacy-check

Protect your secrets using Gitleaks-Action. Secure drop-in replacement for gitleaks/gitleaks-action.

10/10
chromaui/action

chromaui/action

GitHub Action for publishing your Storybook to Chromatic

7/10
smartcontractkit/.github/actions/codeowners-review-analysis

smartcontractkit/.github/actions/codeowners-review-analysis

reusable GHA workflows and actions

5/10
Maintained action available