StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

goto-bus-stop/image

goto-bus-stop/image

PHP Image Manipulation

3/10
ory/ci/changelog

ory/ci/changelog

Automation and robots for Ory's CI and CD pipelines

4/10
launchdarkly/dotnet-logging-adapter-commonlogging/.github/actions/release-build

launchdarkly/dotnet-logging-adapter-commonlogging/.github/actions/release-build

Adapter from LaunchDarkly.Logging API to Common.Logging

5/10
launchdarkly/go-server-sdk-redis-redigo/.github/actions/get-go-version

launchdarkly/go-server-sdk-redis-redigo/.github/actions/get-go-version

Redis integration for the LaunchDarkly SDK for Server-side Go (with Redigo client)

6/10
ext/npm-pkg-lint

ext/npm-pkg-lint

Opinionated linter for NPM package tarball and package.json metadata.

6/10
step-security/cucumber-report-annotations-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/cucumber-report-annotations-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

A GitHub action to publish cucumber report on pull request annotations. Secure drop-in replacement for deblockt/cucumber-report-annotations-action.

10/10
tibdex/github-app-token

tibdex/github-app-token

Impersonate a GitHub App in a GitHub Action

4/10
vsoch/spack-package-action/install

vsoch/spack-package-action/install

A set of GitHub actions to install spack, build and deploy a spack binary, or a spack container (under development).

0/10
chainguard-actions/sigstore--cosign-installer

chainguard-actions/sigstore--cosign-installer

2/10
yonasbsd/testcontainers-node/.github/actions/npm-setup

yonasbsd/testcontainers-node/.github/actions/npm-setup

Testcontainers is a NodeJS library that supports tests, providing lightweight, throwaway instances of common databases, Selenium web browsers, or anything else that can run in a Docker container.

4/10
Maintained action available
graphql-hive/graphql-inspector

graphql-hive/graphql-inspector

๐Ÿ•ต๏ธโ€โ™€๏ธ Validate schema, get schema change notifications, validate operations, find breaking changes, look for similar types, schema coverage

4/10
Maintained action available
sonarsource/sonarqube-mcp-server/.actions/get-build-number

sonarsource/sonarqube-mcp-server/.actions/get-build-number

Official SonarQube MCP Server for code quality and security in AI agents

6/10
caffeelake/authentik/.github/actions/comment-pr-instructions

caffeelake/authentik/.github/actions/comment-pr-instructions

The authentication glue you need.

2/10
microsoft/typescript-twoslash-repro-action

microsoft/typescript-twoslash-repro-action

A GitHub Action which evaluates twoslash bug reproductions in GitHub Issues

3/10
aptos-labs/setup-buildx-action

aptos-labs/setup-buildx-action

GitHub Action to set up Docker Buildx

3/10
rmacklin/fetch-through-merge-base

rmacklin/fetch-through-merge-base

A GitHub Action for fetching PR commits through the merge-base

3/10
jgillis/delete-release-assets

jgillis/delete-release-assets

GitHub action for deleting assets from a GitHub release.

2/10
envoyproxy/toolshed/actions/github/artifact/cache/id

envoyproxy/toolshed/actions/github/artifact/cache/id

6/10
anchore/stereoscope/.github/actions/bootstrap

anchore/stereoscope/.github/actions/bootstrap

go library for processing container images and simulating a squash filesystem

6/10
ministryofjustice/laa-info-and-advice-datastore/.github/actions/deploy

ministryofjustice/laa-info-and-advice-datastore/.github/actions/deploy

Info & Advice Datastore

7/10