StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

sonarsource/sonar-compliance-reports/.actions/get-build-number

sonarsource/sonar-compliance-reports/.actions/get-build-number

Holds code for generating compliance reports

4/10
caffeelake/cilium/.github/actions/setup-eks-nodegroup

caffeelake/cilium/.github/actions/setup-eks-nodegroup

eBPF-based Networking, Security, and Observability

3/10
step-security/s3-actions-cache

step-security/s3-actions-cache

Cache to S3 storage with official actions/cache@v2 fallback. Secure drop-in replacement for tespkg/actions-cache.

10/10
Maintained by StepSecurity
equinor/farfetched-actions/fusion-deploy

equinor/farfetched-actions/fusion-deploy

Reusable GitHub Actions and Workflows

7/10
rapidsai/shared-actions/trigger-workflow-and-wait

rapidsai/shared-actions/trigger-workflow-and-wait

6/10
homebrew/actions/limit-pull-requests

homebrew/actions/limit-pull-requests

๐Ÿš€ Homebrew's GitHub Actions

7/10
self-actuated/hub-mirror

self-actuated/hub-mirror

GitHub Action to configure a Docker Hub mirror

4/10
nvidia-nemo/emerging-optimizers/.github/actions/test-template

nvidia-nemo/emerging-optimizers/.github/actions/test-template

8/10
step-security/cirruslabs-cache

step-security/cirruslabs-cache

Cache dependencies and build outputs in GitHub Actions. Secure drop-in replacement for cirruslabs/cache.

10/10
Maintained by StepSecurity
step-security/sbom-action/download-syft

step-security/sbom-action/download-syft

GitHub Action for creating software bill of materials using Syft. Secure drop-in replacement for anchore/sbom-action.

10/10
Maintained by StepSecurity
ai-dynamo/dynamo/.github/actions/pytest-local

ai-dynamo/dynamo/.github/actions/pytest-local

A Datacenter Scale Distributed Inference Serving Framework

4/10
Maintained action available
mikepenz/action-junit-report

mikepenz/action-junit-report

Reports junit test results as GitHub Pull Request Check

9/10
h2o-gpt/spring-boot/.github/actions/print-jvm-thread-dumps

h2o-gpt/spring-boot/.github/actions/print-jvm-thread-dumps

Spring Boot helps you to create Spring-powered, production-grade applications and services with absolute minimum fuss.

2/10
elastic/oblt-actions/test-report

elastic/oblt-actions/test-report

7/10
label305/autorebase

label305/autorebase

A GitHub Action that automatically rebases pull requests.

2/10
caffeelake/claude-code/.github/actions/claude-issue-triage-action

caffeelake/claude-code/.github/actions/claude-issue-triage-action

Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and handling git workflows - all through natural language commands.

5/10
Maintained action available
laingcc/json-to-variables

laingcc/json-to-variables

GitHub action reads JSON file and writes its content as environment variables.

3/10
coveo/ui-kit/.github/actions/playwright-headless-search-react

coveo/ui-kit/.github/actions/playwright-headless-search-react

Coveo UI kit repository, home of @coveo/headless, @coveo/atomic, and more.

4/10
Maintained action available
caffeelake/llvm-project/.github/workflows/unprivileged-download-artifact

caffeelake/llvm-project/.github/workflows/unprivileged-download-artifact

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.

3/10
Maintained action available
lewagon/wait-on-check-action

lewagon/wait-on-check-action

Pause until a job in another workflow completes successfully.

6/10