Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

SonarSource/sonarqube-scan-action/install-build-wrapper

7/10

caphyon/advinst-github-action

GitHub action for Advanced Installer tool

2/10

dataaxiom/ghcr-cleanup-action

GitHub Container Registry Cleanup Action

3/10

crazy-max/ghaction-upx

GitHub Action for UPX, the Ultimate Packer for eXecutables

4/10

wolfi-dev/actions/wolfictl-update-gh

A collection of reusable GitHub Actions workflows.

8/10

blinqas/tf-plan-pr-comment

blinqas/tf-plan-pr-comment

5/10

grafana/database-plugin-tools/.github/actions/check-labels

Create Grafana plugins with ease.

3/10

codecov/codecov-action

GitHub Action that uploads coverage to Codecov ☂️

9/10

uraimo/run-on-arch-action

A GitHub Action that executes jobs/commands on non-x86 CPU architectures (ARMv6, ARMv7, aarch64, s390x, ppc64le, riscv64) via QEMU

5/10

step-security/action-gh-release/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

GitHub Action for creating GitHub Releases. Secure drop-in replacement for softprops/action-gh-release.

10/10

step-security/cirruslabs-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Cache dependencies and build outputs in GitHub Actions. Secure drop-in replacement for cirruslabs/cache.

10/10

rapidsai/devcontainers/.github/actions/build-windows-image

5/10

zarf-dev/setup-zarf

GitHub Action for Installing and Configuring Zarf

4/10

crazy-max/ghaction-chocolatey

GitHub Action for Chocolatey, the package manager for Windows

5/10

zephyrproject-rtos/action_scancode

3/10

pulumi/setup-pulumi

GitHub Action to install the Pulumi CLI

3/10

deblockt/cucumber-report-annotations-action

A GitHub Action to publish cucumber report on pull request annotations

2/10

step-security/action-remove-labels/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

🏷️ GitHub Action to remove labels. Secure drop-in replacement for actions-ecosystem/action-remove-labels.

10/10

andife/openvino/.github/actions/cache/cleanup

OpenVINO™ is an open source toolkit for optimizing and deploying AI inference

3/10

svanboxel/zaproxy-to-ghas

Present ZAProxy results in GitHub Advanced Security

3/10