Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/import-codesign-certs

GitHub Action for Importing Code-signing Certificates into a Keychain. Secure drop-in replacement for Apple-Actions/import-codesign-certs.

9/10

Maintained by StepSecurity

orcid/changelog-action

action to update a changelog and create a github release

2/10

chronograph-pe/actions-permissions/monitor

GitHub token permissions Monitor and Advisor actions

2/10

actions-security-demo/script-injection/actions/commands

2/10

protocolbuffers/protobuf-ci/../../_actions/current/internal/docker-run

A shared repository for Protobuf CI actions

4/10

smartcontractkit/.github/actions/setup-gap

reusable GHA workflows and actions

5/10

Maintained action available

shundor/python-bandit-scan

GitHub Action for Bandit SAST

5/10

equinor/oneseismic-api/.github/actions/load_openvds_image

Web API for fast access of arbitrary seismic slices from VDS data

5/10

crazy-max/ghaction-docker-buildx

:octocat: GitHub Action to set up Docker Buildx

3/10

mozilla-it/deploy-actions/docker-push

Generic GitHub composite actions/workflows for deploying applications

5/10

Maintained action available

kubepug/kubepug-installer

kubepug-installer GitHub Action

5/10

bryannice/gitactions-slack-notification

Git Action Slack Notifications From Build Status

4/10

rudderlabs/setup-aws-signer-notation-cli

This GitHub Action installs Notation CLI with the AWS Signer plugin.

3/10

quantco/ui-actions/version-metadata

Monorepo for UI related github actions

3/10

Maintained action available

intel/ai-containers/apptainer

This repository contains Dockerfiles, scripts, yaml files, Helm charts, etc. used to scale out AI containers with versions of TensorFlow and PyTorch that have been optimized for Intel platforms. Scaling is done with python, Docker, kubernetes, kubeflow, cnvrg.io, Helm, and other container orchestration frameworks for use in the cloud and on-premise

7/10