Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 97

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Go 96 12

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 318 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 501 311

Repositories

Showing 10 of 308 repositories
  • publish-unit-test-result-action Public

    GitHub Action to publish unit test results on GitHub. Secure drop-in replacement for EnricoMi/publish-unit-test-result-action.

    step-security/publish-unit-test-result-action’s past year of commit activity
    Python 0 Apache-2.0 4 1 26 Updated Apr 22, 2026
  • dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    step-security/dev-machine-guard’s past year of commit activity
    Go 96 Apache-2.0 12 10 0 Updated Apr 22, 2026
  • mage-action Public

    GitHub Action for Mage. Secure drop-in replacement for magefile/mage-action.

    step-security/mage-action’s past year of commit activity
    TypeScript 0 MIT 1 1 7 Updated Apr 22, 2026
  • gitleaks-action Public

    Protect your secrets using Gitleaks-Action. Secure drop-in replacement for gitleaks/gitleaks-action.

    step-security/gitleaks-action’s past year of commit activity
    TypeScript 1 MIT 1 1 10 Updated Apr 22, 2026
  • release-action Public

    An action which manages a github release. Secure drop-in replacement for ncipollo/release-action.

    step-security/release-action’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Apr 22, 2026
  • setup-sbt Public

    setup-sbt installs the official sbt runner. Secure drop-in replacement for sbt/setup-sbt.

    step-security/setup-sbt’s past year of commit activity
    0 0 0 0 Updated Apr 22, 2026
  • backport-github-action Public

    Backport CLI tool as a Github Action. Secure drop-in replacement for sorenlouv/backport-github-action.

    step-security/backport-github-action’s past year of commit activity
    0 0 0 1 Updated Apr 22, 2026
  • synthetics-ci-github-action Public

    Run Synthetic tests in your GitHub workflows with Datadog Continuous Testing. Secure drop-in replacement for DataDog/synthetics-ci-github-action.

    step-security/synthetics-ci-github-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 6 Updated Apr 22, 2026
  • codeowners-validator Public

    The GitHub CODEOWNERS file validator. Secure drop-in replacement for mszostok/codeowners-validator.

    step-security/codeowners-validator’s past year of commit activity
    Go 0 Apache-2.0 1 1 9 Updated Apr 22, 2026
  • setup-opentofu Public

    Secure drop-in replacement for opentofu/setup-opentofu.

    step-security/setup-opentofu’s past year of commit activity
    JavaScript 0 MPL-2.0 1 1 8 Updated Apr 22, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…