StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

yonasBSD/mise/.github/actions/fetch-token

yonasBSD/mise/.github/actions/fetch-token

dev tools, env vars, task runner

6/10
anysphere/docker-cache

anysphere/docker-cache

Cache Docker Images Whether Built or Pulled

2/10
step-security/gh-actions-lua/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/gh-actions-lua/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub action for Lua/LuaJIT. Secure drop-in replacement for leafo/gh-actions-lua.

10/10
step-security/test-reporting/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/test-reporting/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Displays test results from popular testing frameworks directly in GitHub. Secure drop-in replacement for phoenix-actions/test-reporting.

9/10
authzed/action-spicedb-validate

authzed/action-spicedb-validate

GitHub Action for validating your SpiceDB schema

4/10
step-security/ghaction-github-runtime/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/ghaction-github-runtime/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub Action to expose GitHub runtime to the workflow. Secure drop-in replacement for crazy-max/ghaction-github-runtime.

10/10
scottbrenner/cfn-lint-action

scottbrenner/cfn-lint-action

GitHub Action for interacting with CloudFormation Linter

8/10
SonarSource/sonarqube-scan-action/install-build-wrapper

SonarSource/sonarqube-scan-action/install-build-wrapper

5/10
caphyon/advinst-github-action

caphyon/advinst-github-action

GitHub action for Advanced Installer tool

2/10
dataaxiom/ghcr-cleanup-action

dataaxiom/ghcr-cleanup-action

GitHub Container Registry Cleanup Action

3/10
crazy-max/ghaction-upx

crazy-max/ghaction-upx

GitHub Action for UPX, the Ultimate Packer for eXecutables

3/10
wolfi-dev/actions/wolfictl-update-gh

wolfi-dev/actions/wolfictl-update-gh

A collection of reusable Github Actions workflows.

8/10
blinqas/tf-plan-pr-comment

blinqas/tf-plan-pr-comment

blinqas/tf-plan-pr-comment

5/10
grafana/database-plugin-tools/.github/actions/check-labels

grafana/database-plugin-tools/.github/actions/check-labels

Create Grafana plugins with ease.

3/10
codecov/codecov-action

codecov/codecov-action

GitHub Action that uploads coverage to Codecov :open_umbrella:

8/10
uraimo/run-on-arch-action

uraimo/run-on-arch-action

A Github Action that executes jobs/commands on non-x86 cpu architectures (ARMv6, ARMv7, aarch64, s390x, ppc64le, riscv64) via QEMU

5/10
step-security/action-gh-release/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

step-security/action-gh-release/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

GitHub Action for creating GitHub Releases. Secure drop-in replacement for softprops/action-gh-release.

10/10
step-security/cirruslabs-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/cirruslabs-cache/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Cache dependencies and build outputs in GitHub Actions. Secure drop-in replacement for cirruslabs/cache.

10/10
rapidsai/devcontainers/.github/actions/build-windows-image

rapidsai/devcontainers/.github/actions/build-windows-image

5/10
Maintained action available
ministryofjustice/payforlegalaid/.github/snyk-scan

ministryofjustice/payforlegalaid/.github/snyk-scan

7/10