StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/ansible-galaxy-action/__BUILDER_CHECKOUT_DIR__/.github/actions/contact

step-security/ansible-galaxy-action/__BUILDER_CHECKOUT_DIR__/.github/actions/contact

This Action will import ansible roles on galaxy-ng. Secure drop-in replacement for ansible-actions/ansible-galaxy-action.

10/10
dawidd6/action-send-mail/_next/static/chunks/app/layout-fb4b0f8546cbcdcc.js

dawidd6/action-send-mail/_next/static/chunks/app/layout-fb4b0f8546cbcdcc.js

:gear: A GitHub Action to send an email to multiple recipients

5/10
Maintained action available
Git-Hub-Chris/PyTorch/.github/actions/upload-utilization-stats

Git-Hub-Chris/PyTorch/.github/actions/upload-utilization-stats

Python package.

2/10
imjasonh/setup-ko

imjasonh/setup-ko

6/10
gensecaihq/Shai-Hulud-2.0-Detector

gensecaihq/Shai-Hulud-2.0-Detector

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

4/10
step-security/workflow-conclusion-action/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

step-security/workflow-conclusion-action/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

GitHub action to get workflow conclusion. Secure drop-in replacement for technote-space/workflow-conclusion-action.

9/10
mhiew/redoc-lint-github-action

mhiew/redoc-lint-github-action

A github action to lint open api files using Redocly OpenaAPI CLI tool.

3/10
sredevopsorg/action-deploy-theme

sredevopsorg/action-deploy-theme

Forked action from @TryGhost to deploy Ghost 5 themes from Git directly into your Ghost website

4/10
OneKeyHQ/actions/gh-pages

OneKeyHQ/actions/gh-pages

Github Actions

1/10
threeal/ctest-action

threeal/ctest-action

Test CMake projects using CTest on GitHub Actions

2/10
Cysharp/Actions/.github/actions/check-metas

Cysharp/Actions/.github/actions/check-metas

3/10
Maintained action available
found-it/digestabot

found-it/digestabot

Github Action to automatically update digests for container images.

3/10
pytorch/torchrec/test-infra/.github/actions/setup-binary-upload

pytorch/torchrec/test-infra/.github/actions/setup-binary-upload

Pytorch domain library for recommendation systems

3/10
Maintained action available
pytorch/rl/test-infra/.github/actions/check-disk-space

pytorch/rl/test-infra/.github/actions/check-disk-space

A modular, primitive-first, python-first PyTorch library for Reinforcement Learning.

3/10
Maintained action available
dotnet/docs-tools/actions/dotnet-version-updater

dotnet/docs-tools/actions/dotnet-version-updater

This repo contains GitHub Actions and other tools that are designed to be invoked on DocFx repositories.

4/10
Maintained action available
ivuorinen/actions/action-versioning

ivuorinen/actions/action-versioning

ivuorinen's shared actions

7/10
azure/k8s-bake

azure/k8s-bake

GitHub Action creating Kubernetes manifest files with Helm, Kustomize, or Kompose

8/10
modeseven-lfreleng-actions/python-audit-action

modeseven-lfreleng-actions/python-audit-action

Audits a Python project's dependencies for security issues

4/10
Maintained action available
JJGadgets/tj-actions-changed-files

JJGadgets/tj-actions-changed-files

:octocat: Github action to retrieve all (added, copied, modified, deleted, renamed, type changed, unmerged, unknown) files and directories.

5/10
dotnet/docs-tools/actions/dependabot-bot

dotnet/docs-tools/actions/dependabot-bot

This repo contains GitHub Actions and other tools that are designed to be invoked on DocFx repositories.

4/10
Maintained action available