StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

chains-project/dirty-waters-action

chains-project/dirty-waters-action

Break the build if your supply chain is dirty

4/10
Maintained action available
myrotvorets/composite-actions/node-run-script

myrotvorets/composite-actions/node-run-script

Composite actions used by our workflows

5/10
Maintained action available
domain-protect/terraform-aws-domain-protect/../../_actions/LocalStack/setup-localstack/9392b05ddb345894c2e86305fc426566e738c1db/startup

domain-protect/terraform-aws-domain-protect/../../_actions/LocalStack/setup-localstack/9392b05ddb345894c2e86305fc426566e738c1db/startup

Terraform module for OWASP Domain Protect on AWS

7/10
salehhashemi1992/ai-code-guard

salehhashemi1992/ai-code-guard

Automatically reviews code changes in pull requests using OpenAI models to generate thoughtful suggestions for improving code quality.

3/10
Yuri6037/Action-FakeTTY

Yuri6037/Action-FakeTTY

FakeTTY GitHub Action

3/10
modeseven-lfreleng-actions/tag-push-verify-action

modeseven-lfreleng-actions/tag-push-verify-action

Verifies the action/workflow event trigger was a tag push event

3/10
SethCohen/github-releases-to-discord

SethCohen/github-releases-to-discord

Posts a GitHub Release changelog to a specified Discord channel

4/10
quotidian-ennui/actions-olio/repo-dispatch

quotidian-ennui/actions-olio/repo-dispatch

It's a gallimaufry of actions

6/10
fossology/fossology-action

fossology/fossology-action

GitHub Action for FOSSology CI scanners.

4/10
step-security/nats-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/nats-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

start nats server(s) for Github Actions. Secure drop-in replacement for onichandame/nats-action.

10/10
step-security/ghaction-setup-docker

step-security/ghaction-setup-docker

GitHub Action to set up (download and install) Docker CE. Secure drop-in replacement for docker/setup-docker-action.

10/10
Maintained by StepSecurity
lfreleng-actions/json-key-value-lookup-action

lfreleng-actions/json-key-value-lookup-action

Action to perform a lookup from a JSON string containing a simple array of key/value pairs.

4/10
reviewdog/action-terraform-validate

reviewdog/action-terraform-validate

:dog: Run terraform validate with reviewdog

3/10
chronograph-pe/helmfile-action

chronograph-pe/helmfile-action

helmfile-action

3/10
step-security/create-or-update-pull-request-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/create-or-update-pull-request-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

A GitHub Action to create or update a pull request based on local changes. Secure drop-in replacement for gr2m/create-or-update-pull-request-action.

10/10
chainguard-dev/digestabot

chainguard-dev/digestabot

A Github Action to automatically update digests for container images.

7/10
edera-dev/libscap-bindings/.github/actions/install-llvm

edera-dev/libscap-bindings/.github/actions/install-llvm

Rust bindings for Falco's `libscap` eBPF monitoring backend C library

5/10
actionutils/dynamic-uses

actionutils/dynamic-uses

Dynamically resolve and use another GitHub action

3/10
grafana/prometheus-alertmanager/.github/promci/actions/setup_environment

grafana/prometheus-alertmanager/.github/promci/actions/setup_environment

Prometheus Alertmanager

4/10
mergifyio/gha-mergify-ci

mergifyio/gha-mergify-ci

GitHub Actions integration with Mergify CI Issues

4/10
Maintained action available