Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 97

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Go 96 13

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 317 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 501 310

Repositories

Showing 10 of 303 repositories
  • slack-github-action Public

    Send data into Slack using this GitHub Action!. Secure drop-in replacement for slackapi/slack-github-action.

    step-security/slack-github-action’s past year of commit activity
    JavaScript 0 MIT 1 1 10 Updated Apr 17, 2026
  • docker-build-push-action Public

    GitHub Action to build and push Docker images with Buildx. Secure drop-in replacement for docker/build-push-action.

    step-security/docker-build-push-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 13 Updated Apr 17, 2026
  • go-test-action Public

    🧪 Action to run `go test` with rich summary output and annotations. Secure drop-in replacement for robherley/go-test-action.

    step-security/go-test-action’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Apr 17, 2026
  • commitlint-github-action Public

    Lints Pull Request commits with commitlint. Secure drop-in replacement for wagoid/commitlint-github-action.

    step-security/commitlint-github-action’s past year of commit activity
    JavaScript 0 MIT 1 0 12 Updated Apr 17, 2026
  • aws-codebuild-run-build Public

    Run an AWS CodeBuild project as a step in a GitHub Actions workflow job. Secure drop-in replacement for aws-actions/aws-codebuild-run-build.

    step-security/aws-codebuild-run-build’s past year of commit activity
    JavaScript 0 Apache-2.0 1 0 9 Updated Apr 17, 2026
  • actions-rs-toolchain Public

    🛠️ GitHub Action for `rustup` commands. Secure drop-in replacement for actions-rs/toolchain.

    step-security/actions-rs-toolchain’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 17, 2026
  • github-create-release-action Public

    Create a GitHub release from a Tag. Secure drop-in replacement for Roang-zero1/github-create-release-action.

    step-security/github-create-release-action’s past year of commit activity
    Shell 0 MIT 1 1 7 Updated Apr 17, 2026
  • setup-qemu-action Public

    GitHub Action to install QEMU static binaries. Secure drop-in replacement for docker/setup-qemu-action.

    step-security/setup-qemu-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Apr 17, 2026
  • zip-release Public

    GitHub action that can be used to create release zip archive. Secure drop-in replacement for TheDoctor0/zip-release.

    step-security/zip-release’s past year of commit activity
    Shell 0 MIT 1 1 5 Updated Apr 17, 2026
  • tj-actions-glob Public

    :octocat: Github action to match glob patterns with support for matching deleted files. Secure drop-in replacement for tj-actions/glob.

    step-security/tj-actions-glob’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 17, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…