Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 97

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Go 96 12

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 319 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 501 311

Repositories

Showing 10 of 309 repositories
  • actions-comment-pull-request Public

    GitHub action to comment pull request. Secure drop-in replacement for thollander/actions-comment-pull-request.

    step-security/actions-comment-pull-request’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 23, 2026
  • ghaction-setup-containerd Public

    GitHub Action to set up containerd. Secure drop-in replacement for crazy-max/ghaction-setup-containerd.

    step-security/ghaction-setup-containerd’s past year of commit activity
    TypeScript 0 MIT 1 1 14 Updated Apr 23, 2026
  • action-read-yaml Public

    Custom github action used to read yaml files, supporting multiple keys and variable replacements. Secure drop-in replacement for pietrobolcato/action-read-yaml.

    step-security/action-read-yaml’s past year of commit activity
    JavaScript 0 MIT 1 1 8 Updated Apr 23, 2026
  • action-golangci-lint Public

    Run golangci-lint with reviewdog. Secure drop-in replacement for reviewdog/action-golangci-lint.

    step-security/action-golangci-lint’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 23, 2026
  • github-tag-action Public

    A Github Action to automatically bump and tag master, on merge, with the latest SemVer formatted version. Works on any platform. Secure drop-in replacement for mathieudutour/github-tag-action.

    step-security/github-tag-action’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 23, 2026
  • cucumber-report-annotations-action Public

    A GitHub action to publish cucumber report on pull request annotations. Secure drop-in replacement for deblockt/cucumber-report-annotations-action.

    step-security/cucumber-report-annotations-action’s past year of commit activity
    JavaScript 0 MIT 1 1 12 Updated Apr 23, 2026
  • cypress-io-github-action Public

    GitHub Action for running Cypress end-to-end & component tests. Secure drop-in replacement for cypress-io/github-action.

    step-security/cypress-io-github-action’s past year of commit activity
    JavaScript 0 MIT 1 1 53 Updated Apr 23, 2026
  • publish-crates Public

    GitHub action to get easy publishing of Rust crates. Secure drop-in replacement for katyo/publish-crates.

    step-security/publish-crates’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 23, 2026
  • repository-dispatch Public

    A GitHub action to create a repository dispatch event. Secure drop-in replacement for peter-evans/repository-dispatch.

    step-security/repository-dispatch’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 23, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    TypeScript 0 MIT 1 1 17 Updated Apr 23, 2026

Most used topics

Loading…