Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 941 82

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 303 50

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 294 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 489 303

Repositories

Showing 10 of 212 repositories
  • setup-xcode Public

    Set up your GitHub Actions workflow with a specific version of Xcode. Secure drop-in replacement for maxim-lobanov/setup-xcode.

    step-security/setup-xcode’s past year of commit activity
    0 0 0 2 Updated Jan 15, 2026
  • docker-swiftlint Public

    Docker image of SwiftLint on ubuntu. Secure drop-in replacement for norio-nomura/docker-swiftlint.

    step-security/docker-swiftlint’s past year of commit activity
    0 0 0 2 Updated Jan 15, 2026
  • get-cmake Public

    Install and Cache latest CMake and Ninja for your workflows on your GitHub. Secure drop-in replacement for lukka/get-cmake.

    step-security/get-cmake’s past year of commit activity
    TypeScript 0 MIT 1 1 15 Updated Jan 15, 2026
  • ansible-galaxy-action Public

    This Action will import ansible roles on galaxy-ng. Secure drop-in replacement for ansible-actions/ansible-galaxy-action.

    step-security/ansible-galaxy-action’s past year of commit activity
    Python 0 MIT 1 1 6 Updated Jan 15, 2026
  • actions-codespell Public

    A GitHub Actions to run codespell over your code. Secure drop-in replacement for codespell-project/actions-codespell.

    step-security/actions-codespell’s past year of commit activity
    Shell 0 MIT 2 1 7 Updated Jan 15, 2026
  • ghaction-github-status Public

    GitHub Action to check GitHub Status in your workflow. Secure drop-in replacement for crazy-max/ghaction-github-status.

    step-security/ghaction-github-status’s past year of commit activity
    0 0 0 1 Updated Jan 15, 2026
  • action-swiftlint Public

    GitHub Action for SwiftLint. Secure drop-in replacement for norio-nomura/action-swiftlint.

    step-security/action-swiftlint’s past year of commit activity
    0 0 0 3 Updated Jan 15, 2026
  • pip-action Public

    Github Action to install Pip packages. Secure drop-in replacement for BSFishy/pip-action.

    step-security/pip-action’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jan 15, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    TypeScript 0 MIT 1 1 16 Updated Jan 15, 2026
  • action-remove-labels Public

    🏷️ GitHub Action to remove labels. Secure drop-in replacement for actions-ecosystem/action-remove-labels.

    step-security/action-remove-labels’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 8 Updated Jan 14, 2026
View all repositories

Top languages

Loading…