StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

lgtm-hq/lgtm-ci/.github/actions/upload-pypi-oidc

lgtm-hq/lgtm-ci/.github/actions/upload-pypi-oidc

Reusable CI/CD components: composite actions, workflows, and shell libraries for GitHub Actions

8/10
step-security/release-drafter/null

step-security/release-drafter/null

Drafts your next release notes as pull requests are merged into master. Secure drop-in replacement for release-drafter/release-drafter.

10/10
sasobadovinac/occt/.github/actions/clang-format-check

sasobadovinac/occt/.github/actions/clang-format-check

Open CASCADE Technology (OCCT) is an open-source software development platform for 3D CAD, CAM, CAE. This is a clone of the official repository located on https://dev.opencascade.org/. Please use official development portal for registering issues and providing patches.

5/10
Maintained action available
useblacksmith/build-push-action

useblacksmith/build-push-action

GitHub Action to build and push Docker images with Buildx

5/10
yonasbsd/rocksdb/.github/actions/windows-build-steps

yonasbsd/rocksdb/.github/actions/windows-build-steps

A library that provides an embeddable, persistent key-value store for fast storage.

5/10
Maintained action available
adrise/connectedhomeip/.github/actions/checkout-submodules-and-bootstrap

adrise/connectedhomeip/.github/actions/checkout-submodules-and-bootstrap

Fork of project-chip/connectedhomeip

3/10
lfreleng-actions/path-check-action

lfreleng-actions/path-check-action

Check if a given path exists in the repository, reports type

4/10
Maintained action available
hyperledger-tooling/github-contributors-action

hyperledger-tooling/github-contributors-action

GitHub action to fetch contributors

4/10
goccy/tobari-action/public-layout.tsx

goccy/tobari-action/public-layout.tsx

GitHub Actions for Tobari

4/10
nvidia/cuequivariance/.github/actions/setup-python-uv

nvidia/cuequivariance/.github/actions/setup-python-uv

cuEquivariance is a math library that is a collective of low-level primitives and tensor ops to accelerate widely-used models, like DiffDock, MACE, Allegro and NEQUIP, based on equivariant neural networks. Also includes kernels for accelerated structure prediction.

3/10
Maintained action available
ai-dynamo/dynamo/.github/actions/install-vcluster-cli

ai-dynamo/dynamo/.github/actions/install-vcluster-cli

A Datacenter Scale Distributed Inference Serving Framework

4/10
Maintained action available
chainguard-actions/actions-create-github-app-token

chainguard-actions/actions-create-github-app-token

2/10
step-security/jest-coverage-action-demo/composite

step-security/jest-coverage-action-demo/composite

9/10
contentful/create-contentful-app/.github/actions/test-app

contentful/create-contentful-app/.github/actions/test-app

Bootstrap a Contentful App

6/10
milhy545/coder/.github/actions/test-cache/fill

milhy545/coder/.github/actions/test-cache/fill

Secure environments for developers and their agents

2/10
jedsalazar/cg-actions/matrix-extra-inputs

jedsalazar/cg-actions/matrix-extra-inputs

A collection of reusable Github Actions workflows.

3/10
lgtm-hq/lgtm-ci/.github/actions/post-pr-comment

lgtm-hq/lgtm-ci/.github/actions/post-pr-comment

Reusable CI/CD components: composite actions, workflows, and shell libraries for GitHub Actions

8/10
circlefin/evm-cpn-contracts/.github/actions/setup

circlefin/evm-cpn-contracts/.github/actions/setup

Official repository for all EVM-compatible smart contracts used by the Circle Payments Network

4/10
grafana/grafana-image-renderer/_shared-workflows-dockerhub-login/actions/get-vault-secrets

grafana/grafana-image-renderer/_shared-workflows-dockerhub-login/actions/get-vault-secrets

A Grafana backend service that handles rendering of panels & dashboards to PNGs using headless browser (Chromium/Chrome)

8/10
sonarsource/sonar-jacoco/.actions/get-build-number

sonarsource/sonar-jacoco/.actions/get-build-number

SonarQube JaCoCo Plugin

7/10