Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 952 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 303 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 295 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 493 304

Repositories

Showing 10 of 231 repositories
  • install-jq-action Public

    Multiplatform jq installer action. Secure drop-in replacement for dcarbone/install-jq-action.

    step-security/install-jq-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 5 Updated Feb 4, 2026
  • issue-closed-labeler-action Public

    Conditionally add or remove labels of issues when closed via a PR. Secure drop-in replacement for RebeccaStevens/issue-closed-labeler-action.

    step-security/issue-closed-labeler-action’s past year of commit activity
    0 0 0 1 Updated Feb 4, 2026
  • actions-gh-pages Public

    GitHub Actions for GitHub Pages 🚀 Deploy static files and publish your site easily. Static-Site-Generators-friendly. Secure drop-in replacement for peaceiris/actions-gh-pages.

    step-security/actions-gh-pages’s past year of commit activity
    TypeScript 0 MIT 1 0 11 Updated Feb 4, 2026
  • github-action-markdown-link-check Public

    ⛔️ DEPRECATED Check all links in markdown files if they are alive or dead. 🔗✔️PS: https://github.com/tcort/github-action-markdown-link-check. Secure drop-in replacement for gaurav-nelson/github-action-markdown-link-check.

    step-security/github-action-markdown-link-check’s past year of commit activity
    0 0 0 0 Updated Feb 4, 2026
  • action-semantic-demo Public
    step-security/action-semantic-demo’s past year of commit activity
    TypeScript 0 Apache-2.0 0 2 40 Updated Feb 4, 2026
  • release-drafter Public

    Drafts your next release notes as pull requests are merged into master. Secure drop-in replacement for release-drafter/release-drafter.

    step-security/release-drafter’s past year of commit activity
    0 0 0 1 Updated Feb 4, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    TypeScript 0 MIT 1 1 16 Updated Feb 4, 2026
  • setup-trivy Public

    Set up your GitHub Actions workflow with a specific version of Trivy. Secure drop-in replacement for aquasecurity/setup-trivy.

    step-security/setup-trivy’s past year of commit activity
    0 Apache-2.0 1 0 4 Updated Feb 4, 2026
  • mage-action Public

    GitHub Action for Mage. Secure drop-in replacement for magefile/mage-action.

    step-security/mage-action’s past year of commit activity
    0 0 0 1 Updated Feb 3, 2026
  • scp-action Public

    GitHub Action that copy files and artifacts via SSH. Secure drop-in replacement for appleboy/scp-action.

    step-security/scp-action’s past year of commit activity
    Shell 0 MIT 1 1 4 Updated Feb 3, 2026
View all repositories

Top languages

Loading…