StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

stripe/openapi/actions/stripe-mock

stripe/openapi/actions/stripe-mock

An OpenAPI specification for the Stripe API.

8/10
step-security/setup-cocoapods/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/setup-cocoapods/__builder_checkout_dir__/.github/actions/secure-download-artifact

Set up your GitHub Actions workflow with a specific version of Cocoapods. Secure drop-in replacement for maxim-lobanov/setup-cocoapods.

9/10
mgoodness/action-get-merged-pull-request

mgoodness/action-get-merged-pull-request

๐ŸŽฃ GitHub Action to get the pull request merged with the base branch

2/10
lidofinance/linters/.github/actions/lint-docker

lidofinance/linters/.github/actions/lint-docker

3/10
yonasbsd/duckdb/.github/actions/image

yonasbsd/duckdb/.github/actions/image

DuckDB is an analytical in-process SQL database management system

7/10
chronograph-pe/workflow-application-token-action

chronograph-pe/workflow-application-token-action

GitHub Action that will get a scoped short lived token for Actions workflows using a GitHub Application.

2/10
actions-security-demo/script-injection/.grafana-main/.github/workflows/actions/changelog

actions-security-demo/script-injection/.grafana-main/.github/workflows/actions/changelog

2/10
danhellem/github-actions-issue-to-work-item

danhellem/github-actions-issue-to-work-item

GitHub Action that creates a Azure DevOps work item when an Issue is created

4/10
nvidia/cuda-quantum/.github/actions/install-ngc-cli

nvidia/cuda-quantum/.github/actions/install-ngc-cli

C++ and Python support for the CUDA Quantum programming model for heterogeneous quantum-classical workflows

8/10
swahtz/spdx

swahtz/spdx

GitHub Action that tests source code for SPDX license headers

2/10
caffeelake/open-instruct/.github/actions/push

caffeelake/open-instruct/.github/actions/push

2/10
step-security/tfclean/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/tfclean/__builder_checkout_dir__/.github/actions/secure-download-artifact

tfclean is tool to remove applied moved block, import block, etc. Secure drop-in replacement for takaishi/tfclean.

9/10
ministryofjustice/devsecops-actions/github/commit

ministryofjustice/devsecops-actions/github/commit

A collection of reusable GitHub Actions that standardise DevSecOps security scanning i.e. SCA, SAST, DAST, secrets, IaC, and container security.

8/10
damacus/charts/.github/actions/override-chart-deps

damacus/charts/.github/actions/override-chart-deps

Helm Charts

3/10
nektos/act-test-actions/js-with-pre-and-post-step

nektos/act-test-actions/js-with-pre-and-post-step

2/10
actions-ecosystem/action-get-latest-tag

actions-ecosystem/action-get-latest-tag

โœจ GitHub Action to get a latest Git tag

5/10
mvasigh/dispatch-action

mvasigh/dispatch-action

Github Action for triggering other workflows via message passing

2/10
chronograph-pe/setup-buildx-action

chronograph-pe/setup-buildx-action

GitHub Action to set up Docker Buildx

3/10
jedsalazar/cg-actions/setup-kind

jedsalazar/cg-actions/setup-kind

A collection of reusable Github Actions workflows.

3/10
metamask/github-tools/.github/actions/flaky-test-report

metamask/github-tools/.github/actions/flaky-test-report

An assortment of tools interacting with the GitHub API to get metrics for things like PR review comments/reviews

5/10
Maintained action available