Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 989 86

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.

    Shell 14

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 307 50

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 495 303

Repositories

Showing 10 of 265 repositories
  • action-staticcheck Public

    🐶 Run staticcheck with reviewdog on pull requests to improve code review experience. Secure drop-in replacement for reviewdog/action-staticcheck.

    step-security/action-staticcheck’s past year of commit activity
    0 0 0 1 Updated Mar 11, 2026
  • swiftylab-ci Public

    Support files and configurations for SwiftyLab's CI. Secure drop-in replacement for SwiftyLab/ci.

    step-security/swiftylab-ci’s past year of commit activity
    0 0 0 1 Updated Mar 11, 2026
  • likec4-actions Public

    A Github Action for various operations and automation over LikeC4 projects. Secure drop-in replacement for likec4/actions.

    step-security/likec4-actions’s past year of commit activity
    TypeScript 0 MIT 1 0 1 Updated Mar 11, 2026
  • setup-swift Public

    GitHub Action to setup Swift environment. Secure drop-in replacement for SwiftyLab/setup-swift.

    step-security/setup-swift’s past year of commit activity
    0 0 0 1 Updated Mar 11, 2026
  • conventional-changelog-action Public

    Github Action that generates a changelog with the Conventional Changelog CLI. Secure drop-in replacement for TriPSs/conventional-changelog-action.

    step-security/conventional-changelog-action’s past year of commit activity
    JavaScript 0 MIT 1 0 9 Updated Mar 11, 2026
  • run-windows-docker-container-action Public

    Action to run windows containers. Secure drop-in replacement for philips-software/run-windows-docker-container-action.

    step-security/run-windows-docker-container-action’s past year of commit activity
    PowerShell 0 MIT 1 0 4 Updated Mar 11, 2026
  • setup-cocoapods Public

    Set up your GitHub Actions workflow with a specific version of Cocoapods. Secure drop-in replacement for maxim-lobanov/setup-cocoapods.

    step-security/setup-cocoapods’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Mar 11, 2026
  • github-action-aerospike Public

    GitHub Action to set up an Aerospike database. Secure drop-in replacement for reugn/github-action-aerospike.

    step-security/github-action-aerospike’s past year of commit activity
    Shell 0 MIT 1 1 6 Updated Mar 11, 2026
  • Cysharp-Actions Public

    Secure drop-in replacement for Cysharp/Actions.

    step-security/Cysharp-Actions’s past year of commit activity
    0 0 0 0 Updated Mar 11, 2026
  • get-cmake Public

    Install and Cache latest CMake and Ninja for your workflows on your GitHub. Secure drop-in replacement for lukka/get-cmake.

    step-security/get-cmake’s past year of commit activity
    TypeScript 0 MIT 1 1 19 Updated Mar 11, 2026
View all repositories

Top languages

Loading…