Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 927 81

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 302 50

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 294 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 487 301

Repositories

Showing 10 of 190 repositories
  • gradle-actions Public

    A collection of GitHub Actions to accelerate your Gradle Builds on GitHub. Secure drop-in replacement for gradle/actions.

    step-security/gradle-actions’s past year of commit activity
    TypeScript 0 MIT 1 0 10 Updated Dec 13, 2025
  • git-tag-action Public

    [GitHub Action] Get ${version} from package.json and git tag ${version} for the repository. Secure drop-in replacement for pkgdeps/git-tag-action.

    step-security/git-tag-action’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Dec 12, 2025
  • harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

    step-security/harden-runner’s past year of commit activity
    TypeScript 927 Apache-2.0 81 20 21 Updated Dec 12, 2025
  • tj-actions-glob Public

    :octocat: Github action to match glob patterns with support for matching deleted files. Secure drop-in replacement for tj-actions/glob.

    step-security/tj-actions-glob’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Dec 12, 2025
  • setup-android Public

    Android SDK setup for GitHub Actions. Secure drop-in replacement for android-actions/setup-android.

    step-security/setup-android’s past year of commit activity
    0 0 0 1 Updated Dec 12, 2025
  • action-semantic-demo Public
    step-security/action-semantic-demo’s past year of commit activity
    TypeScript 0 MIT 0 2 39 Updated Dec 12, 2025
  • setup-buildx-action Public

    GitHub Action to set up Docker Buildx. Secure drop-in replacement for docker/setup-buildx-action.

    step-security/setup-buildx-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 0 9 Updated Dec 12, 2025
  • rust-cache Public

    A GitHub Action that implements smart caching for rust/cargo projects. Secure drop-in replacement for Swatinem/rust-cache.

    step-security/rust-cache’s past year of commit activity
    TypeScript 0 LGPL-3.0 1 1 19 Updated Dec 12, 2025
  • reusable-workflows Public

    StepSecurity Reusable Workflows

    step-security/reusable-workflows’s past year of commit activity
    Go 0 MIT 3 1 7 Updated Dec 12, 2025
  • cancel-action Public

    Secure drop-in replacement for andymckay/cancel-action.

    step-security/cancel-action’s past year of commit activity
    JavaScript 0 MIT 1 1 5 Updated Dec 12, 2025
View all repositories

Most used topics

Loading…