StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

austenstone/merge-queue-demo/.github/actions/create-pr

austenstone/merge-queue-demo/.github/actions/create-pr

GitHub Merge Queue demo

3/10
pravipati-sandbox/codeql-action/autobuild

pravipati-sandbox/codeql-action/autobuild

Actions for running CodeQL analysis

2/10
external-secrets/external-secrets/.github/actions/sign

external-secrets/external-secrets/.github/actions/sign

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

7/10
Homebrew/actions/pre-build

Homebrew/actions/pre-build

🚀 Homebrew's GitHub Actions

7/10
fallard84/langchainjs/.github/actions/people

fallard84/langchainjs/.github/actions/people

🦜🔗 Build context-aware reasoning applications 🦜🔗

3/10
ivuorinen/actions/codeql-analysis

ivuorinen/actions/codeql-analysis

ivuorinen's shared actions

7/10
coveo/stew

coveo/stew

Complete Python CI/CD solution built around Poetry.

4/10
Maintained action available
appetizeio/github-action-appetize

appetizeio/github-action-appetize

Github Action to facilitate interaction with the Appetize.io API

4/10
step-security/harden-runner

step-security/harden-runner

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

10/10
ambilykk/copilot-metrics-retention

ambilykk/copilot-metrics-retention

The Copilot Metrics API supplies data spanning a 28-day timeframe. This Action is designed to persistently store this data over time in a JSON file format.

3/10
wuan/test-action

wuan/test-action

2/10
JoftheV/pytorch/.github/actions/teardown-win

JoftheV/pytorch/.github/actions/teardown-win

Tensors and Dynamic neural networks in Python with strong GPU acceleration

3/10
pytorch/hub/test-infra/.github/actions/calculate-docker-image

pytorch/hub/test-infra/.github/actions/calculate-docker-image

Submission to https://pytorch.org/hub/

2/10
Adyen/adyen-platform-experience-web/.github/actions/setup-smartling

Adyen/adyen-platform-experience-web/.github/actions/setup-smartling

Adyen Platform Experience components

7/10
anysphere/docker-cache

anysphere/docker-cache

Cache Docker Images Whether Built or Pulled

2/10
step-security/gh-actions-lua/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/gh-actions-lua/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub action for Lua/LuaJIT. Secure drop-in replacement for leafo/gh-actions-lua.

10/10
step-security/test-reporting/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/test-reporting/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Displays test results from popular testing frameworks directly in GitHub. Secure drop-in replacement for phoenix-actions/test-reporting.

10/10
authzed/action-spicedb-validate

authzed/action-spicedb-validate

GitHub Action for validating your SpiceDB schema

3/10
step-security/ghaction-github-runtime/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/ghaction-github-runtime/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub Action to expose GitHub runtime to the workflow. Secure drop-in replacement for crazy-max/ghaction-github-runtime.

10/10
scottbrenner/cfn-lint-action

scottbrenner/cfn-lint-action

GitHub Action for interacting with CloudFormation Linter

8/10