Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

veracode/Veracode-pipeline-scan-action

veracode/Veracode-pipeline-scan-action

Veracode Pipeline-Scan GitHub Action

4/10
kirillplatonov/action-standard

kirillplatonov/action-standard

Run Standard Ruby with Reviewdog 🐶

3/10
open-policy-agent/setup-opa

open-policy-agent/setup-opa

Sets up Open Policy Agent CLI in your GitHub Actions workflow.

4/10
josStorer/get-current-time

josStorer/get-current-time

This action sets the current ISO8601 time to the time output and also provides readableTime, formattedTime, and many more digital outputs like year, day, second, etc. Useful for setting build times in subsequent steps, renaming your artifact, or keeping the same recorded time for the entire workflow.

3/10
sgammon/verify-hashes

sgammon/verify-hashes

Library, CLI, and GitHub Action for verifying hashes

5/10
ZscalerCWP/Zscaler-IaC-Action

ZscalerCWP/Zscaler-IaC-Action

2/10
42Crunch/api-security-audit-action

42Crunch/api-security-audit-action

3/10
slsa-framework/slsa-github-generator/actions/delegator/setup-generic

slsa-framework/slsa-github-generator/actions/delegator/setup-generic

Language-agnostic SLSA provenance generation for Github Actions

5/10
timheuer/base64-to-file

timheuer/base64-to-file

Take a base64 string and decodes to a file for use in arguments in later actions.

3/10
tgymnich/fork-sync

tgymnich/fork-sync

🔄 Github action to sync your forks

3/10
yonasBSD/toolkit

yonasBSD/toolkit

CI toolkit

3/10
patrickedqvist/wait-for-vercel-preview

patrickedqvist/wait-for-vercel-preview

A github action for waiting for the vercel preview

2/10
italia/publiccode-parser-action

italia/publiccode-parser-action

A simple Github action to validate publiccode.yml

4/10
equitybee/team-label-action

equitybee/team-label-action

⚡️ Auto-label PRs based on the author's team memberships 👥

2/10
achrinza/setup-db2

achrinza/setup-db2

Setup a dev DB2 LUW for plain Linux and GitHub Actions

6/10
extractions/setup-just

extractions/setup-just

🤖 GitHub Action to install the just command runner

5/10
mattaschmann/sync-up-to-codecommit-action

mattaschmann/sync-up-to-codecommit-action

Sync Github to CodeCommit

3/10
step-security/action-semantic-pull-request

step-security/action-semantic-pull-request

GitHub Action that ensures that your PR title matches the Conventional Commits spec

10/10
Maintained by StepSecurity
xanderhendriks/action-build-stm32cubeide

xanderhendriks/action-build-stm32cubeide

Github action for building STM32 Cube IDE projects

4/10
DeLaGuardo/setup-clojure

DeLaGuardo/setup-clojure

GitHub Action to provision clojure's most popular build tools for Linux, Mac OS X and Windows.

7/10