StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

install-pinned/build

install-pinned/build

Securely install the latest build release from PyPI.

3/10
step-security/cysharp-actions/.github/actions/unity-builder

step-security/cysharp-actions/.github/actions/unity-builder

Secure drop-in replacement for Cysharp/Actions.

10/10
Maintained by StepSecurity
clearlyip/code-coverage-report-action

clearlyip/code-coverage-report-action

Provides Code Coverage reports in Github Actions

6/10
sasobadovinac/palace/.github/actions/setup-runner

sasobadovinac/palace/.github/actions/setup-runner

3D finite element solver for computational electromagnetics

5/10
Maintained action available
envoyproxy/toolshed/gh-actions/github/artifact/cache/id

envoyproxy/toolshed/gh-actions/github/artifact/cache/id

6/10
step-security/saucectl-run-action/__builder_checkout_dir__/.github/actions/privacy-check

step-security/saucectl-run-action/__builder_checkout_dir__/.github/actions/privacy-check

GitHub Action for running saucectl test suites. Secure drop-in replacement for saucelabs/saucectl-run-action.

10/10
spotdemo4/go-template/.github/actions/init

spotdemo4/go-template/.github/actions/init

template for go

6/10
kong/slsa-github-generator/.github/actions/public-layout.tsx

kong/slsa-github-generator/.github/actions/public-layout.tsx

Language-agnostic SLSA provenance generation for Github Actions

3/10
actions-security-demo/script-injection/ephemeral

actions-security-demo/script-injection/ephemeral

2/10
gradle/wrapper-validation-action

gradle/wrapper-validation-action

Gradle Wrapper Validation Action

7/10
nvidia-rtx/godot/.github/actions/fetch-gh-release-asset

nvidia-rtx/godot/.github/actions/fetch-gh-release-asset

NVIDIA fork of Godot Engine โ€“ Multi-platform 2D and 3D game engine

2/10
step-security/pull-request-comment-trigger/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/pull-request-comment-trigger/__builder_checkout_dir__/.github/actions/secure-download-artifact

A github action for detecting a "trigger" in a pull request description or comment. Secure drop-in replacement for Khan/pull-request-comment-trigger.

10/10
ansible/ansible-publish-action

ansible/ansible-publish-action

Publish Ansible collection to galaxy.ansible.com

6/10
elide-dev/labs-openjdk/.github/actions/get-bootjdk

elide-dev/labs-openjdk/.github/actions/get-bootjdk

JDK fork for building GraalVM CE.

5/10
pytorch/torchchat/test-infra/.github/actions/teardown-linux

pytorch/torchchat/test-infra/.github/actions/teardown-linux

Run PyTorch LLMs locally on servers, desktop and mobile

3/10
epam/ai-dial-ci/actions/java_prepare

epam/ai-dial-ci/actions/java_prepare

Continuous Integration instrumentation for AI DIAL components

8/10
devmasx/coverage-check-action

devmasx/coverage-check-action

Create a check for coverage percentage.

3/10
neondatabase/neon/.github/actions/upload

neondatabase/neon/.github/actions/upload

Neon: Serverless Postgres. We separated storage and compute to offer autoscaling, code-like database branching, and scale to zero.

3/10
surrealdb/surrealdb/.github/actions/setup-environment

surrealdb/surrealdb/.github/actions/setup-environment

A scalable, distributed, collaborative, document-graph database, for the realtime web

5/10
Maintained action available
fluxcd/pkg/actions/helm

fluxcd/pkg/actions/helm

GitOps Toolkit Go SDK

7/10