StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

trinodb/github-actions/slash-command-dispatch

trinodb/github-actions/slash-command-dispatch

Github actions used in the Trino project

2/10
slsa-framework/slsa-github-generator/.github/actions/fill

slsa-framework/slsa-github-generator/.github/actions/fill

Language-agnostic SLSA provenance generation for Github Actions

5/10
step-security/workflow-conclusion-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/workflow-conclusion-action/__builder_checkout_dir__/.github/actions/secure-download-artifact

GitHub action to get workflow conclusion. Secure drop-in replacement for technote-space/workflow-conclusion-action.

9/10
step-security/swift-android-action/__builder_checkout_dir__/.github/actions/privacy-check

step-security/swift-android-action/__builder_checkout_dir__/.github/actions/privacy-check

GitHub action to build and run Swift package tests on an Android emulator. Secure drop-in replacement for skiptools/swift-android-action.

10/10
ministryofjustice/hmpps-github-shared-actions/.github/actions/auditjson_to_sarif

ministryofjustice/hmpps-github-shared-actions/.github/actions/auditjson_to_sarif

Shared actions for Github workflows to use - PUT NO WORKFLOWS IN HERE! (bootstrapped 2026-03-30)

4/10
nvidia/cudaqx/.github/actions/get-cudaq-build

nvidia/cudaqx/.github/actions/get-cudaq-build

Accelerated libraries for quantum-classical computing built on CUDA-Q.

4/10
Maintained action available
cli/gh-extension-precompile

cli/gh-extension-precompile

Action for publishing binary GitHub CLI extensions

7/10
open-edge-platform/orch-ci/.github/actions/setup-asdf

open-edge-platform/orch-ci/.github/actions/setup-asdf

Central hub for shared continuous integration (CI) workflows and actions for the Open-Edge-Platform project

8/10
n8n-io/n8n/.github/actions/setup-nodejs-blacksmith

n8n-io/n8n/.github/actions/setup-nodejs-blacksmith

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

5/10
Maintained action available
sasobadovinac/occt/.github/actions/upload-vcpkg-cache

sasobadovinac/occt/.github/actions/upload-vcpkg-cache

Open CASCADE Technology (OCCT) is an open-source software development platform for 3D CAD, CAM, CAE. This is a clone of the official repository located on https://dev.opencascade.org/. Please use official development portal for registering issues and providing patches.

5/10
Maintained action available
elastic/elastic-github-actions/elasticsearch

elastic/elastic-github-actions/elasticsearch

This action spins up an Elasticsearch instance that can be accessed and used in your subsequent steps.

7/10
ministryofjustice/laa-reusable-github-actions/.github/actions/image-scan

ministryofjustice/laa-reusable-github-actions/.github/actions/image-scan

A collection of re-useable GitHub actions

8/10
optum/booster/.github/actions/build

optum/booster/.github/actions/build

Booster Cloud Framework

4/10
Maintained action available
pytorch/tensorrt/test-infra/.github/actions/setup-binary-builds

pytorch/tensorrt/test-infra/.github/actions/setup-binary-builds

PyTorch/TorchScript/FX compiler for NVIDIA GPUs using TensorRT

3/10
Maintained action available
avakar/tag-and-release

avakar/tag-and-release

Automatically create tags and corresponding releases

2/10
run-ai/gajira-login

run-ai/gajira-login

Jira Login GitHub Action

0/10
sigstore/cosign

sigstore/cosign

Code signing and transparency for containers and binaries

8/10
autero1/action-terraform

autero1/action-terraform

GitHub action for setting up Terraform https://terraform.io

3/10
grafana/issue-team-scheduler/image

grafana/issue-team-scheduler/image

4/10
bitwarden/ios/.github/actions/image

bitwarden/ios/.github/actions/image

Bitwarden mobile apps (Password Manager and Authenticator) for iOS.

7/10