Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 97

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Go 96 12

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 319 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 501 311

Repositories

Showing 10 of 309 repositories
  • publish-unit-test-result-action Public

    GitHub Action to publish unit test results on GitHub. Secure drop-in replacement for EnricoMi/publish-unit-test-result-action.

    step-security/publish-unit-test-result-action’s past year of commit activity
    Python 0 Apache-2.0 4 1 26 Updated Apr 22, 2026
  • synthetics-ci-github-action Public

    Run Synthetic tests in your GitHub workflows with Datadog Continuous Testing. Secure drop-in replacement for DataDog/synthetics-ci-github-action.

    step-security/synthetics-ci-github-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 8 Updated Apr 22, 2026
  • action-setup Public

    Install pnpm package manager. Secure drop-in replacement for pnpm/action-setup.

    step-security/action-setup’s past year of commit activity
    TypeScript 0 MIT 1 1 14 Updated Apr 22, 2026
  • get-cmake Public

    Install and Cache latest CMake and Ninja for your workflows on your GitHub. Secure drop-in replacement for lukka/get-cmake.

    step-security/get-cmake’s past year of commit activity
    TypeScript 0 MIT 1 1 18 Updated Apr 22, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    TypeScript 0 MIT 1 1 17 Updated Apr 22, 2026
  • release-drafter Public

    Drafts your next release notes as pull requests are merged into master. Secure drop-in replacement for release-drafter/release-drafter.

    step-security/release-drafter’s past year of commit activity
    JavaScript 0 ISC 1 1 11 Updated Apr 22, 2026
  • setup-xcode Public

    Set up your GitHub Actions workflow with a specific version of Xcode. Secure drop-in replacement for maxim-lobanov/setup-xcode.

    step-security/setup-xcode’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Apr 22, 2026
  • action-golangci-lint Public

    Run golangci-lint with reviewdog. Secure drop-in replacement for reviewdog/action-golangci-lint.

    step-security/action-golangci-lint’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 22, 2026
  • gha-setup-vsdevenv Public

    GitHub Action to setup the VS dev environment for the job. Secure drop-in replacement for compnerd/gha-setup-vsdevenv.

    step-security/gha-setup-vsdevenv’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Apr 22, 2026
  • carabiner-dev-actions Public

    GiitHub actions for various tools in the Carabiner ecosystems. Secure drop-in replacement for carabiner-dev/actions.

    step-security/carabiner-dev-actions’s past year of commit activity
    0 Apache-2.0 1 0 4 Updated Apr 22, 2026
View all repositories

Most used topics

Loading…