StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/sticky-pull-request-comment/__builder_checkout_dir__/.github/actions/secure-download-artifact

step-security/sticky-pull-request-comment/__builder_checkout_dir__/.github/actions/secure-download-artifact

Create comment on pull request, if exists update that comment. Secure drop-in replacement for marocchino/sticky-pull-request-comment.

10/10
n80fr1n60/secure-checkout

n80fr1n60/secure-checkout

Drop-in replacement for actions/checkout@vX.Y.Z with persist-credentials=false enforced

4/10
kong/developer.konghq.com/.github/reusable-steps/run-site

kong/developer.konghq.com/.github/reusable-steps/run-site

๐Ÿฆ Source code for developer.konghq.com website.

4/10
Maintained action available
lfreleng-actions/maven-make-build-action

lfreleng-actions/maven-make-build-action

Uses a Makefile to build a Maven project

6/10
nodoubtz-record-label/next.js/.github/actions/upload-turboyet-data

nodoubtz-record-label/next.js/.github/actions/upload-turboyet-data

The React Framework

3/10
smartcontractkit/.github/actions/ctf-cleanup

smartcontractkit/.github/actions/ctf-cleanup

reusable GHA workflows and actions

5/10
Maintained action available
slsa-framework/slsa-github-generator/__builder_checkout_dir__/.github/actions/compute-sha256

slsa-framework/slsa-github-generator/__builder_checkout_dir__/.github/actions/compute-sha256

Language-agnostic SLSA provenance generation for Github Actions

4/10
manticoresoftware/publish_to_repo

manticoresoftware/publish_to_repo

Action to publish packages to Manticore repo

3/10
release-drafter/release-drafter/docker

release-drafter/release-drafter/docker

Drafts your next release notes as pull requests are merged into master.

5/10
Maintained action available
aerospike/spring-data-aerospike-starters/.github/actions/stage-release-artifacts

aerospike/spring-data-aerospike-starters/.github/actions/stage-release-artifacts

spring-data-aerospike-starters

6/10
sakhnovict/add-reviewers-action

sakhnovict/add-reviewers-action

GitHub Action to add reviewer(s) to a pull request.

2/10
redhat-actions/oc-new-app

redhat-actions/oc-new-app

Github Action to deploy and expose an application on Openshift

3/10
oasdiff/oasdiff-action/breaking

oasdiff/oasdiff-action/breaking

GitHub action for comparing and detect breaking changes in OpenAPI specs

6/10
jordanconway/package-manager-hardening

jordanconway/package-manager-hardening

A non-exhaustive list of package manager hardening recommendations to help prevent supply chain vulnerability attacks. Includes AGENTS.md files, skills and Github Action to audit and enforce these recommendations.

6/10
garygrossgarten/github-action-scp

garygrossgarten/github-action-scp

โฌ†๏ธ Copy a folder to a remote server using SSH

5/10
august-murr/auto-labeler

august-murr/auto-labeler

2/10
git-hub-chris/visualstudiocode/actions/needs-more-info-closer

git-hub-chris/visualstudiocode/actions/needs-more-info-closer

Microsoft Visual Studio Code.

6/10
caffeelake/cilium/.github/actions/setup-eks-cluster

caffeelake/cilium/.github/actions/setup-eks-cluster

eBPF-based Networking, Security, and Observability

3/10
yonasbsd/sanity/.github/actions/setup

yonasbsd/sanity/.github/actions/setup

Sanity Studio โ€“ Rapidly configure content workspaces powered by structured content

3/10
Maintained action available
step-security/read-yaml/__builder_checkout_dir__/.github/actions/privacy-check

step-security/read-yaml/__builder_checkout_dir__/.github/actions/privacy-check

A GitHub Action to read yaml files. Secure drop-in replacement for jbutcher5/read-yaml.

10/10