StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

envoyproxy/toolshed/gh-actions/bind-mounts

envoyproxy/toolshed/gh-actions/bind-mounts

6/10
checkmarx-ts/checkmarx-github-action

checkmarx-ts/checkmarx-github-action

Checkmarx Scan Github Action

3/10
carlosperate/download-file-action

carlosperate/download-file-action

GitHub Action to download a file from the internet into the workspace to use in your workflow.

3/10
nam20485/docs-1/.github/actions/get-docs-early-access

nam20485/docs-1/.github/actions/get-docs-early-access

The open-source repo for docs.github.com

0/10
step-security/read-yaml/__builder_checkout_dir__/.github/actions/action.yml

step-security/read-yaml/__builder_checkout_dir__/.github/actions/action.yml

A GitHub Action to read yaml files. Secure drop-in replacement for jbutcher5/read-yaml.

10/10
grafana/grafana-github-actions-go/github-release

grafana/grafana-github-actions-go/github-release

Grafana GitHub Actions in Golang

4/10
coveo/ui-kit/.github/actions/playwright-headless-ssr-commerce-nextjs

coveo/ui-kit/.github/actions/playwright-headless-ssr-commerce-nextjs

Coveo UI kit repository, home of @coveo/headless, @coveo/atomic, and more.

4/10
Maintained action available
nvidia/aicr/.github/actions/generate-slsa-predicate

nvidia/aicr/.github/actions/generate-slsa-predicate

Tooling for optimized, validated, and reproducible GPU-accelerated AI runtime in Kubernetes

7/10
pietrobolcato/action-read-yaml

pietrobolcato/action-read-yaml

Custom github action used to read yaml files, supporting multiple keys and variable replacements

1/10
caffeelake/arrow/arrow/.github/actions/sync-nightlies

caffeelake/arrow/arrow/.github/actions/sync-nightlies

Apache Arrow is the universal columnar format and multi-language toolbox for fast data interchange and in-memory analytics

2/10
eball/write-tag-to-version-file

eball/write-tag-to-version-file

A GitHub Action that fetches the latest git tag within a repo and writes this to a file.

3/10
jsumners-nr/gha-node-deps-divergent

jsumners-nr/gha-node-deps-divergent

A GitHub action to determine if Node.js dependencies have changed between a PR and the branch it is based upon.

2/10
elastic/docs-builder/actions/validate-path-prefixes-local

elastic/docs-builder/actions/validate-path-prefixes-local

7/10
approved-3rd-party-actions/expo-github-action/.github/actions/setup

approved-3rd-party-actions/expo-github-action/.github/actions/setup

Expo GitHub Action makes it easy to automate EAS builds or updates

3/10
chainguard-dev/actions/apko-build

chainguard-dev/actions/apko-build

A collection of reusable Github Actions workflows.

8/10
caffeelake/cilium/.github/actions/kind-external-targets

caffeelake/cilium/.github/actions/kind-external-targets

eBPF-based Networking, Security, and Observability

3/10
frits-v/cloud-foundation-fabric/.github/actions/fabric-tests

frits-v/cloud-foundation-fabric/.github/actions/fabric-tests

End-to-end modular samples for Terraform on GCP.

2/10
grafana/epimetheus/.github/promci/actions/publish_main

grafana/epimetheus/.github/promci/actions/publish_main

FrostDB backed Prometheus fork

3/10
luisenmarroquin/setup-ssh-action

luisenmarroquin/setup-ssh-action

GitHub Action that sets up your SSH key on the Virtual Environment

2/10
lgtm-hq/lgtm-ci/.github/actions/harden-runner

lgtm-hq/lgtm-ci/.github/actions/harden-runner

Reusable CI/CD components: composite actions, workflows, and shell libraries for GitHub Actions

4/10