Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 993 87

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.

    Shell 18

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 309 50

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 496 303

Repositories

Showing 10 of 265 repositories
  • setup-swift Public

    GitHub Action to setup Swift environment. Secure drop-in replacement for SwiftyLab/setup-swift.

    step-security/setup-swift’s past year of commit activity
    TypeScript 0 MIT 1 0 10 Updated Mar 11, 2026
  • action-staticcheck Public

    🐶 Run staticcheck with reviewdog on pull requests to improve code review experience. Secure drop-in replacement for reviewdog/action-staticcheck.

    step-security/action-staticcheck’s past year of commit activity
    0 0 0 1 Updated Mar 12, 2026
  • mage-action Public

    GitHub Action for Mage. Secure drop-in replacement for magefile/mage-action.

    step-security/mage-action’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Mar 12, 2026
  • allure-action Public

    Secure drop-in replacement for allure-framework/allure-action.

    step-security/allure-action’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Mar 12, 2026
  • action-download-artifact Public

    ⚙️ A GitHub Action to download an artifact associated with given workflow and commit or other criteria. Secure drop-in replacement for dawidd6/action-download-artifact.

    step-security/action-download-artifact’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Mar 11, 2026
  • create-or-update-comment Public

    A GitHub action to create or update an issue or pull request comment. Secure drop-in replacement for peter-evans/create-or-update-comment.

    step-security/create-or-update-comment’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Mar 12, 2026
  • create-pull-request Public

    A GitHub action to create a pull request for changes to your repository in the actions workspace. Secure drop-in replacement for peter-evans/create-pull-request.

    step-security/create-pull-request’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Mar 12, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    TypeScript 0 MIT 1 1 15 Updated Mar 12, 2026
  • setup-gcloud Public

    A GitHub Action for installing and configuring the gcloud CLI. Secure drop-in replacement for google-github-actions/setup-gcloud.

    step-security/setup-gcloud’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Mar 12, 2026
  • hide-comment-action Public

    Action to hide (minimize) comments in pull request. Secure drop-in replacement for int128/hide-comment-action.

    step-security/hide-comment-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 12 Updated Mar 12, 2026
View all repositories

Most used topics

Loading…