StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

open-component-model/ocm-setup-action

open-component-model/ocm-setup-action

GitHub Action installing the OCM command-line tool

7/10
dmnemec/copy_file_to_another_repo_action

dmnemec/copy_file_to_another_repo_action

This GitHub Action copies a file from the current repository to a location in another repository

6/10
nschloe/action-cached-lfs-checkout

nschloe/action-cached-lfs-checkout

GitHub checkout action with LFS files pulled from cache

5/10
gitguardian/ggshield/actions/secret

gitguardian/ggshield/actions/secret

Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

8/10
step-security/split-strings

step-security/split-strings

Github Action for splitting strings into parts by separator with limit. Secure drop-in replacement for xom9ikk/split.

10/10
Maintained by StepSecurity
actionshub/terraform-lint

actionshub/terraform-lint

Repository for the terraform-lint Github Action

5/10
jfagoagas/prowler/.github/actions/setup-python-poetry

jfagoagas/prowler/.github/actions/setup-python-poetry

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.

5/10
Maintained action available
pytorch/kineto/test-infra/.github/actions/setup-ssh

pytorch/kineto/test-infra/.github/actions/setup-ssh

A CPU+GPU Profiling library that provides access to timeline traces and hardware performance counters.

2/10
Maintained action available
nodoubtz-record-label/node/.github/actions/install-clang

nodoubtz-record-label/node/.github/actions/install-clang

npm's fork of nodejs/node, for sending PRs to update deps/npm

3/10
madhead/semver-utils

madhead/semver-utils

One-stop shop for working with semantic versions in your GitHub Actions workflows

2/10
my-mc/check-sync-volta-and-node-version

my-mc/check-sync-volta-and-node-version

Check the synchronize volta and .node_version.

2/10
projectdiscovery/actions/cache/nuclei

projectdiscovery/actions/cache/nuclei

ProjectDiscovery's Composite Actions

5/10
opcr-io/policy-build-action

opcr-io/policy-build-action

policy-build-action

3/10
maheshrayas/action-pr-comment-delete

maheshrayas/action-pr-comment-delete

GitHub Action to delete older PR comments

3/10
elastic/apm-pipeline-library/.github/actions/docker-layer-caching

elastic/apm-pipeline-library/.github/actions/docker-layer-caching

4/10
anz-bank/pkg/.github/action/github-tag-action

anz-bank/pkg/.github/action/github-tag-action

Common ANZ Go packages

2/10
approved-3rd-party-actions/hashicorp-setup-terraform

approved-3rd-party-actions/hashicorp-setup-terraform

Sets up Terraform CLI in your GitHub Actions workflow.

2/10
ministryofjustice/hmpps-approved-premises-ui/.github/actions/slack_failure_notification

ministryofjustice/hmpps-approved-premises-ui/.github/actions/slack_failure_notification

The user interface for the Approved Premises Service

8/10
clj-holmes/clj-watson-action

clj-holmes/clj-watson-action

clj-watson action

2/10
lerebear/sizeup-action

lerebear/sizeup-action

Encourage digestible pull requests

3/10