Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 95

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Shell 91 11

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 317 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 502 309

Repositories

Showing 10 of 298 repositories
  • synthetics-ci-github-action Public

    Run Synthetic tests in your GitHub workflows with Datadog Continuous Testing. Secure drop-in replacement for DataDog/synthetics-ci-github-action.

    step-security/synthetics-ci-github-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 11 Updated Apr 10, 2026
  • tfclean Public

    tfclean is tool to remove applied moved block, import block, etc. Secure drop-in replacement for takaishi/tfclean.

    step-security/tfclean’s past year of commit activity
    Go 0 MIT 1 1 8 Updated Apr 10, 2026
  • sticky-pull-request-comment Public

    Create comment on pull request, if exists update that comment. Secure drop-in replacement for marocchino/sticky-pull-request-comment.

    step-security/sticky-pull-request-comment’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Apr 10, 2026
  • paths-filter Public

    Conditionally run actions based on files modified by PR, feature branch or pushed commits. Secure drop-in replacement for dorny/paths-filter.

    step-security/paths-filter’s past year of commit activity
    TypeScript 3 MIT 5 2 13 Updated Apr 10, 2026
  • release-notes-generator-action Public

    Action to auto generate a release note based on your events. Secure drop-in replacement for Decathlon/release-notes-generator-action.

    step-security/release-notes-generator-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 7 Updated Apr 10, 2026
  • s3-actions-cache Public

    Cache to S3 storage with official actions/cache@v2 fallback. Secure drop-in replacement for tespkg/actions-cache.

    step-security/s3-actions-cache’s past year of commit activity
    TypeScript 2 MIT 2 1 16 Updated Apr 10, 2026
  • action-semantic-pull-request Public

    GitHub Action that ensures that your PR title matches the Conventional Commits spec. Secure drop-in replacement for amannn/action-semantic-pull-request.

    step-security/action-semantic-pull-request’s past year of commit activity
    JavaScript 1 MIT 4 1 14 Updated Apr 10, 2026
  • dispatch-workflow Public

    A GitHub Action to Dispatch and Discover GitHub Workflows using workflow_dispatch or repository_dispatch. Secure drop-in replacement for lasith-kg/dispatch-workflow.

    step-security/dispatch-workflow’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 10, 2026
  • action-discord Public

    🚀 GitHub Action that sends a Discord message. . Secure drop-in replacement for Ilshidur/action-discord.

    step-security/action-discord’s past year of commit activity
    JavaScript 0 MIT 1 1 12 Updated Apr 10, 2026
  • gha-setup-vsdevenv Public

    GitHub Action to setup the VS dev environment for the job. Secure drop-in replacement for compnerd/gha-setup-vsdevenv.

    step-security/gha-setup-vsdevenv’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Apr 10, 2026
View all repositories

Most used topics

Loading…