StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

portswigger-tim/safer-runner-action

portswigger-tim/safer-runner-action

A GitHub action to lockdown DNS, Network, sudo and Docker

2/10
edera-dev/cross/.github/actions/cargo-publish

edera-dev/cross/.github/actions/cargo-publish

“Zero setup” cross compilation and “cross testing” of Rust crates

3/10
korniltsev/actions-upload-release-asset

korniltsev/actions-upload-release-asset

Yet Another Upload Release Asset Action

2/10
aerospike/shared-workflows/.github/actions/collect-build-artifacts

aerospike/shared-workflows/.github/actions/collect-build-artifacts

automation workflows

8/10
grafana/opentelemetry-ebpf-instrumentation/.github/actions/integration-test-image-build

grafana/opentelemetry-ebpf-instrumentation/.github/actions/integration-test-image-build

5/10
Maintained action available
docker/bake-action/subaction/xhcyo8/qqq

docker/bake-action/subaction/xhcyo8/qqq

GitHub Action to use Docker Buildx Bake as a high-level build command

5/10
Maintained action available
taktile-org/wretry.action

taktile-org/wretry.action

Retry action for Github CI

4/10
rubygems/configure-rubygems-credentials

rubygems/configure-rubygems-credentials

Configure rubygems.org credential environment variables for use in other GitHub Actions.

6/10
nexusphp/no-merge-commits

nexusphp/no-merge-commits

Prevent merge commits in pull requests.

5/10
Maintained action available
step-security/setup-applanga-cli/__builder_checkout_dir__/.github/actions/privacy-check

step-security/setup-applanga-cli/__builder_checkout_dir__/.github/actions/privacy-check

Secure drop-in replacement for applanga/setup-applanga-cli.

10/10
aerospike/aerospike-client-nodejs/.github/actions/run-ee-server

aerospike/aerospike-client-nodejs/.github/actions/run-ee-server

Node.js client for the Aerospike database

3/10
siemens/ix/.github/workflows/actions/visual-regression

siemens/ix/.github/workflows/actions/visual-regression

Siemens Industrial Experience is a design system for designers and developers, to consistently create the perfect digital experience for industrial software products.

6/10
step-security/create-or-update-pull-request-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/create-or-update-pull-request-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

A GitHub Action to create or update a pull request based on local changes. Secure drop-in replacement for gr2m/create-or-update-pull-request-action.

9/10
diolor/github-action-markdown-link-check

diolor/github-action-markdown-link-check

Check all links in markdown files if they are alive or dead. 🔗✔️

3/10
yonasbsd/prql/.github/actions/time-compilation

yonasbsd/prql/.github/actions/time-compilation

PRQL is a modern language for transforming data — a simple, powerful, pipelined SQL replacement

3/10
Maintained action available
codex-/return-dispatch

codex-/return-dispatch

⚙️ Dispatch an action to a foreign repository and output the newly created run ID.

4/10
Maintained action available
pytorch/pytorch/test-infra/.github/actions/pull-docker-image

pytorch/pytorch/test-infra/.github/actions/pull-docker-image

Tensors and Dynamic neural networks in Python with strong GPU acceleration

4/10
Maintained action available
diggerhq/digger

diggerhq/digger

Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline ⚡️

4/10
Maintained action available
avular-robotics/fork-fetch-gh-release-asset

avular-robotics/fork-fetch-gh-release-asset

Github Action to download an asset from a Github release

2/10
chainguard-dev/actions/setup-knative

chainguard-dev/actions/setup-knative

A collection of reusable Github Actions workflows.

8/10