Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 95

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Shell 78 11

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 317 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 501 309

Repositories

Showing 10 of 298 repositories
  • mise-action Public

    jdx/mise-action is a GitHub Action that integrates the mise tool into your CI/CD workflows. Secure drop-in replacement for jdx/mise-action.

    step-security/mise-action’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Apr 9, 2026
  • slash-command-dispatch Public

    A GitHub action that facilitates "ChatOps" by creating repository dispatch events for slash commands. Secure drop-in replacement for peter-evans/slash-command-dispatch.

    step-security/slash-command-dispatch’s past year of commit activity
    TypeScript 0 MIT 1 0 11 Updated Apr 9, 2026
  • gha-setup-vsdevenv Public

    GitHub Action to setup the VS dev environment for the job. Secure drop-in replacement for compnerd/gha-setup-vsdevenv.

    step-security/gha-setup-vsdevenv’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Apr 9, 2026
  • test-reporting Public

    Displays test results from popular testing frameworks directly in GitHub. Secure drop-in replacement for phoenix-actions/test-reporting.

    step-security/test-reporting’s past year of commit activity
    TypeScript 0 MIT 1 1 21 Updated Apr 9, 2026
  • test-reporter Public

    Displays test results from popular testing frameworks directly in GitHub. Secure drop-in replacement for dorny/test-reporter.

    step-security/test-reporter’s past year of commit activity
    TypeScript 0 MIT 1 2 22 Updated Apr 9, 2026
  • docker-login-action Public

    GitHub Action to login against a Docker registry. Secure drop-in replacement for docker/login-action.

    step-security/docker-login-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 12 Updated Apr 9, 2026
  • changeset-action Public

    Secure drop-in replacement for changesets/action.

    step-security/changeset-action’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 9, 2026
  • cypress-io-github-action Public

    GitHub Action for running Cypress end-to-end & component tests. Secure drop-in replacement for cypress-io/github-action.

    step-security/cypress-io-github-action’s past year of commit activity
    JavaScript 0 MIT 1 1 59 Updated Apr 9, 2026
  • ghaction-setup-docker Public

    GitHub Action to set up (download and install) Docker CE. Secure drop-in replacement for docker/setup-docker-action.

    step-security/ghaction-setup-docker’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 14 Updated Apr 9, 2026
  • terraform-cloud-provider-publish Public

    An action for publishing terraform providers to a private registry. Secure drop-in replacement for thechrisjohnson/terraform-cloud-provider-publish.

    step-security/terraform-cloud-provider-publish’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 9, 2026
View all repositories

Most used topics

Loading…