StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

hashicorp/tfc-workflows-github/actions/apply-run

hashicorp/tfc-workflows-github/actions/apply-run

HCP Terraform starter workflows and github actions to automate Terraform Cloud CI/CD pipelines.

7/10
step-security/release-downloader

step-security/release-downloader

Github action to download release assets from private or public repositories. Secure drop-in replacement for robinraju/release-downloader.

10/10
Maintained by StepSecurity
launchdarkly/gha-ld-gosec

launchdarkly/gha-ld-gosec

Runs gosec then uploads results to s3 and workflow artifacts.

4/10
step-security/action-openfga-test

step-security/action-openfga-test

Github Action for testing your OpenFGA Authorization Model. Secure drop-in replacement for openfga/action-openfga-test.

10/10
Maintained by StepSecurity
meilcli/gradle-update-check-action

meilcli/gradle-update-check-action

gradle maven new package version check action for GitHub Actions.

4/10
richardmcsong/actions/pr-sync

richardmcsong/actions/pr-sync

Custom actions for automating Backstage workflows

2/10
githubnext/gh-aw/actions/setup

githubnext/gh-aw/actions/setup

GitHub Agentic Workflows

6/10
quotidian-ennui/actions-olio/commit-status-and-label

quotidian-ennui/actions-olio/commit-status-and-label

It's a gallimaufry of actions

4/10
Maintained action available
ministryofjustice/hmpps-probation-integration-services/.github/actions/database-access-new

ministryofjustice/hmpps-probation-integration-services/.github/actions/database-access-new

A collection of small, domain-focused integrations to support HMPPS Digital services that need to interact with probation data.

8/10
nvidia/nvsentinel/.github/actions/install-e2e-tools

nvidia/nvsentinel/.github/actions/install-e2e-tools

NVSentinel is a cross-platform fault remediation service designed to rapidly remediate runtime node-level issues in GPU-accelerated computing environments

8/10
tue-robotics/tue-env/ci/fill

tue-robotics/tue-env/ci/fill

Package manager that can be used to install (ROS) dependencies

6/10
docker/bake-action/ui13c5/list-targets

docker/bake-action/ui13c5/list-targets

GitHub Action to use Docker Buildx Bake as a high-level build command

5/10
Maintained action available
microsoft/setup-kiota

microsoft/setup-kiota

Action that installs Kiota OpenAPI client generator so it can be used in your workflow

7/10
easingthemes/ssh-deploy

easingthemes/ssh-deploy

GitHub Action for deploying code via rsync over ssh. (with NodeJS)

7/10
grafana/community-contributions/.github/actions/check-jobs

grafana/community-contributions/.github/actions/check-jobs

External contributor PR workflow testing sandbox

2/10
rvben/rumdl

rvben/rumdl

Fast Markdown linter and formatter written in Rust

5/10
Maintained action available
architect/action-build

architect/action-build

3/10
aerospike/aerospike-client-java/.github/actions/build-and-test

aerospike/aerospike-client-java/.github/actions/build-and-test

Aerospike Java Client Library

6/10
step-security/npm-get-version-action

step-security/npm-get-version-action

This Action scans for a package.json file and reads the version number from that. Secure drop-in replacement for martinbeentjes/npm-get-version-action.

10/10
Maintained by StepSecurity
2coo/action-nx-affected

2coo/action-nx-affected

2/10