StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

casadi/action-setup-compiler

casadi/action-setup-compiler

2/10
Maintained action available
mdjahid11978-design/next.js-1/.github/actions/setup-rust

mdjahid11978-design/next.js-1/.github/actions/setup-rust

The React Framework

3/10
felickz/codeql-report

felickz/codeql-report

3/10
alexanderwert/issue-labeler

alexanderwert/issue-labeler

An action for automatically labelling issues

4/10
sonarsource/gh-action_jira-create

sonarsource/gh-action_jira-create

Wrapper for github action atlassian/gajira-create

6/10
stripe/openapi/actions/stripe-mock

stripe/openapi/actions/stripe-mock

An OpenAPI specification for the Stripe API.

8/10
step-security/setup-cocoapods/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/setup-cocoapods/__builder_checkout_dir__/.github/actions/secure-download-artifact

Set up your GitHub Actions workflow with a specific version of Cocoapods. Secure drop-in replacement for maxim-lobanov/setup-cocoapods.

10/10
mgoodness/action-get-merged-pull-request

mgoodness/action-get-merged-pull-request

๐ŸŽฃ GitHub Action to get the pull request merged with the base branch

2/10
lidofinance/linters/.github/actions/lint-docker

lidofinance/linters/.github/actions/lint-docker

3/10
yonasbsd/duckdb/.github/actions/image

yonasbsd/duckdb/.github/actions/image

DuckDB is an analytical in-process SQL database management system

7/10
chronograph-pe/workflow-application-token-action

chronograph-pe/workflow-application-token-action

GitHub Action that will get a scoped short lived token for Actions workflows using a GitHub Application.

2/10
actions-security-demo/script-injection/.grafana-main/.github/workflows/actions/changelog

actions-security-demo/script-injection/.grafana-main/.github/workflows/actions/changelog

2/10
krdlab/setup-haxe

krdlab/setup-haxe

Set up a specific version of Haxe environment for your workflow.

6/10
pascalgn/npm-publish-action

pascalgn/npm-publish-action

GitHub action to automatically publish packages to npm

3/10
danhellem/github-actions-issue-to-work-item

danhellem/github-actions-issue-to-work-item

GitHub Action that creates a Azure DevOps work item when an Issue is created

3/10
nvidia/cuda-quantum/.github/actions/install-ngc-cli

nvidia/cuda-quantum/.github/actions/install-ngc-cli

C++ and Python support for the CUDA Quantum programming model for heterogeneous quantum-classical workflows

8/10
swahtz/spdx

swahtz/spdx

GitHub Action that tests source code for SPDX license headers

2/10
caffeelake/open-instruct/.github/actions/push

caffeelake/open-instruct/.github/actions/push

2/10
step-security/tfclean/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/tfclean/__builder_checkout_dir__/.github/actions/secure-download-artifact

tfclean is tool to remove applied moved block, import block, etc. Secure drop-in replacement for takaishi/tfclean.

8/10
ministryofjustice/devsecops-actions/github/commit

ministryofjustice/devsecops-actions/github/commit

A collection of reusable GitHub Actions that standardise DevSecOps security scanning i.e. SCA, SAST, DAST, secrets, IaC, and container security.

7/10