StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

sailpoint-oss/api-linter/packages/github-spectral-comment

sailpoint-oss/api-linter/packages/github-spectral-comment

Spectral Sailpoint Rulesets and Functions

3/10
Maintained action available
politicalsphere/ci/.github/actions/ps-pr-comment

politicalsphere/ci/.github/actions/ps-pr-comment

CI/CD pipelines and GitHub Actions for Political Sphere

2/10
sandersaarond/shared-workflows/actions/bundle-plugin

sandersaarond/shared-workflows/actions/bundle-plugin

A public-facing, centralized place to store reusable workflows used by Grafana Labs.

0/10
yonasbsd/grafana/ephemeral

yonasbsd/grafana/ephemeral

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

2/10
Maintained action available
reality2byte/docs/.github/actions/clone-translations

reality2byte/docs/.github/actions/clone-translations

The open-source repo for docs.github.com

2/10
dotnet/docs-tools/cleanrepo/cleanrepo

dotnet/docs-tools/cleanrepo/cleanrepo

This repo contains GitHub Actions and other tools that are designed to be invoked on DocFx repositories.

4/10
Maintained action available
nvidia-nemo/export-deploy/fw-ci-templates/.github/actions/publish-docs

nvidia-nemo/export-deploy/fw-ci-templates/.github/actions/publish-docs

A library for exporting models including NeMo and Hugging Face to optimized inference backends, and deploying them for efficient querying

8/10
broadsage/containers/.github/actions/build-metadata

broadsage/containers/.github/actions/build-metadata

Primary source of truth for the Broadsage Container Images

5/10
tj-actions/bandit

tj-actions/bandit

:octocat: Github action to run PyCQA's bandit security linter.

4/10
ytanikin/prconventionalcommits

ytanikin/prconventionalcommits

2/10
step-security/sticky-pull-request-comment/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/sticky-pull-request-comment/__builder_checkout_dir__/.github/actions/secure-download-artifact

Create comment on pull request, if exists update that comment. Secure drop-in replacement for marocchino/sticky-pull-request-comment.

10/10
n80fr1n60/secure-checkout

n80fr1n60/secure-checkout

Drop-in replacement for actions/checkout@vX.Y.Z with persist-credentials=false enforced

4/10
lfreleng-actions/maven-make-build-action

lfreleng-actions/maven-make-build-action

Uses a Makefile to build a Maven project

4/10
Maintained action available
nodoubtz-record-label/next.js/.github/actions/upload-turboyet-data

nodoubtz-record-label/next.js/.github/actions/upload-turboyet-data

The React Framework

3/10
smartcontractkit/.github/actions/ctf-cleanup

smartcontractkit/.github/actions/ctf-cleanup

reusable GHA workflows and actions

5/10
Maintained action available
slsa-framework/slsa-github-generator/__builder_checkout_dir__/.github/actions/compute-sha256

slsa-framework/slsa-github-generator/__builder_checkout_dir__/.github/actions/compute-sha256

Language-agnostic SLSA provenance generation for Github Actions

6/10
manticoresoftware/publish_to_repo

manticoresoftware/publish_to_repo

Action to publish packages to Manticore repo

3/10
release-drafter/release-drafter/docker

release-drafter/release-drafter/docker

Drafts your next release notes as pull requests are merged into master.

5/10
Maintained action available
aerospike/spring-data-aerospike-starters/.github/actions/stage-release-artifacts

aerospike/spring-data-aerospike-starters/.github/actions/stage-release-artifacts

spring-data-aerospike-starters

5/10
Maintained action available
sakhnovict/add-reviewers-action

sakhnovict/add-reviewers-action

GitHub Action to add reviewer(s) to a pull request.

2/10