StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

nvidia-nemo/evaluator/.github/actions/test-template

nvidia-nemo/evaluator/.github/actions/test-template

Open-source library for scalable, reproducible evaluation of AI models and benchmarks.

7/10
astral-sh/uv

astral-sh/uv

An extremely fast Python package and project manager, written in Rust.

8/10
grafana/github-api-commit-action

grafana/github-api-commit-action

Commits changes to the repository through the Github api instead of traditional git commands.

6/10
weseek/ghaction-release-slack-notification

weseek/ghaction-release-slack-notification

2/10
cap-js/.github/.github/actions/hana-hdi-container

cap-js/.github/.github/actions/hana-hdi-container

Default community health files for the CAP-js organization

5/10
bytemare/actions/init-go

bytemare/actions/init-go

A collection of hardened reusable Github Actions and Workflows.

7/10
sonarsource/ci-github-actions/code-signing

sonarsource/ci-github-actions/code-signing

CI/CD GitHub Actions

6/10
step-security/changeset-action/.github/actions/ci-setup

step-security/changeset-action/.github/actions/ci-setup

Secure drop-in replacement for changesets/action.

10/10
step-security/sccache-action

step-security/sccache-action

sccache github action. Secure drop-in replacement for Mozilla-Actions/sccache-action.

10/10
Maintained by StepSecurity
centml/dynamo/.github/actions/docker-remote-build

centml/dynamo/.github/actions/docker-remote-build

A Datacenter Scale Distributed Inference Serving Framework

4/10
Maintained action available
smartcontractkit/.github/actions/ctf-show-grafana-in-test-summary

smartcontractkit/.github/actions/ctf-show-grafana-in-test-summary

reusable GHA workflows and actions

5/10
Maintained action available
oaslananka/boardguard

oaslananka/boardguard

Local-first CLI and GitHub Action for KiCad hardware design review, DRC/ERC preflight, BOM risk checks, manufacturing release validation, SARIF output, and PR reporting.

5/10
ministryofjustice/hmpps-probation-integration-services/.github/actions/render-project-template

ministryofjustice/hmpps-probation-integration-services/.github/actions/render-project-template

A collection of small, domain-focused integrations to support HMPPS Digital services that need to interact with probation data.

8/10
richardsimko/update-tag

richardsimko/update-tag

A Github action that simply tags the repository with the specified tag.

5/10
Maintained action available
step-security/ghaction-setup-docker/__builder_checkout_dir__/.github/actions/privacy-check

step-security/ghaction-setup-docker/__builder_checkout_dir__/.github/actions/privacy-check

GitHub Action to set up (download and install) Docker CE. Secure drop-in replacement for docker/setup-docker-action.

10/10
redhat-actions/crda

redhat-actions/crda

Scan your project's dependencies with Code Ready Dependency Analytics

3/10
kong/slsa-generator/__builder_checkout_dir__/.github/actions/secure-upload-artifact

kong/slsa-generator/__builder_checkout_dir__/.github/actions/secure-upload-artifact

Language-agnostic SLSA provenance generation for Github Actions

3/10
marocchino/sticky-pull-request-comment

marocchino/sticky-pull-request-comment

create comment on pull request, if exists update that comment.

7/10
button-inc/conn-ccbc-portal/.github/actions/local-app-run

button-inc/conn-ccbc-portal/.github/actions/local-app-run

Intake for application process for Connected Communities BC funding program

2/10
ministryofjustice/hmpps-resettlement-passport-ui/.github/actions/setup-zap

ministryofjustice/hmpps-resettlement-passport-ui/.github/actions/setup-zap

Resettlement passport to prepare prisoner for release UI

7/10