Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 938 82

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 303 50

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 294 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 489 303

Repositories

Showing 10 of 208 repositories
  • github-action-aerospike Public

    GitHub Action to set up an Aerospike database. Secure drop-in replacement for reugn/github-action-aerospike.

    step-security/github-action-aerospike’s past year of commit activity
    0 0 0 0 Updated Jan 9, 2026
  • pip-action Public

    Github Action to install Pip packages. Secure drop-in replacement for BSFishy/pip-action.

    step-security/pip-action’s past year of commit activity
    0 0 0 1 Updated Jan 9, 2026
  • dependabot-fetch-metadata Public

    Extract information about the dependencies being updated by a Dependabot-generated PR. Secure drop-in replacement for dependabot/fetch-metadata.

    step-security/dependabot-fetch-metadata’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Jan 9, 2026
  • install-jq-action Public

    Multiplatform jq installer action. Secure drop-in replacement for dcarbone/install-jq-action.

    step-security/install-jq-action’s past year of commit activity
    Shell 0 Apache-2.0 1 0 4 Updated Jan 9, 2026
  • ghcommit-action Public

    GitHub Action to commit files to a git branch using the ghcommit utility. Secure drop-in replacement for planetscale/ghcommit-action.

    step-security/ghcommit-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 8 Updated Jan 9, 2026
  • launchdarkly-gha-flags Public

    Evaluate LaunchDarkly flags in your GitHub Action workflow. Secure drop-in replacement for launchdarkly/gha-flags.

    step-security/launchdarkly-gha-flags’s past year of commit activity
    JavaScript 0 Apache-2.0 1 1 10 Updated Jan 9, 2026
  • release-notes-generator-action Public

    Action to auto generate a release note based on your events. Secure drop-in replacement for Decathlon/release-notes-generator-action.

    step-security/release-notes-generator-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 7 Updated Jan 9, 2026
  • actions-oidc-debugger Public

    An Action for printing OIDC claims in GitHub Actions. Secure drop-in replacement for github/actions-oidc-debugger.

    step-security/actions-oidc-debugger’s past year of commit activity
    Go 0 MIT 1 1 6 Updated Jan 9, 2026
  • setup-bun Public

    Set up your GitHub Actions workflow with a specific version of Bun. Secure drop-in replacement for oven-sh/setup-bun.

    step-security/setup-bun’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Jan 9, 2026
  • action-discord Public

    🚀 GitHub Action that sends a Discord message. . Secure drop-in replacement for Ilshidur/action-discord.

    step-security/action-discord’s past year of commit activity
    JavaScript 0 MIT 1 1 11 Updated Jan 9, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…