Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 950 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 304 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 295 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 491 304

Repositories

Showing 10 of 219 repositories
  • read-yaml Public

    A GitHub Action to read yaml files. Secure drop-in replacement for jbutcher5/read-yaml.

    step-security/read-yaml’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jan 26, 2026
  • get-user-teams-membership Public

    GitHub Action to get a user teams membership in a given organization. Secure drop-in replacement for tspascoal/get-user-teams-membership.

    step-security/get-user-teams-membership’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Jan 26, 2026
  • setup-xcode Public

    Set up your GitHub Actions workflow with a specific version of Xcode. Secure drop-in replacement for maxim-lobanov/setup-xcode.

    step-security/setup-xcode’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jan 26, 2026
  • action-remove-labels Public

    🏷️ GitHub Action to remove labels. Secure drop-in replacement for actions-ecosystem/action-remove-labels.

    step-security/action-remove-labels’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 9 Updated Jan 26, 2026
  • vitest-coverage-report-action Public

    A GitHub Action to report vitest test coverage results. Secure drop-in replacement for davelosert/vitest-coverage-report-action.

    step-security/vitest-coverage-report-action’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Jan 26, 2026
  • install-jq-action Public

    Multiplatform jq installer action. Secure drop-in replacement for dcarbone/install-jq-action.

    step-security/install-jq-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 5 Updated Jan 26, 2026
  • action-swiftlint Public

    GitHub Action for SwiftLint. Secure drop-in replacement for norio-nomura/action-swiftlint.

    step-security/action-swiftlint’s past year of commit activity
    Swift 0 MIT 1 0 5 Updated Jan 26, 2026
  • action-gh-release Public

    GitHub Action for creating GitHub Releases. Secure drop-in replacement for softprops/action-gh-release.

    step-security/action-gh-release’s past year of commit activity
    TypeScript 0 MIT 1 1 4 Updated Jan 26, 2026
  • action-add-labels Public

    🏷️ GitHub Action to add labels. Secure drop-in replacement for actions-ecosystem/action-add-labels.

    step-security/action-add-labels’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Jan 26, 2026
  • setup-qemu-action Public

    GitHub Action to install QEMU static binaries. Secure drop-in replacement for docker/setup-qemu-action.

    step-security/setup-qemu-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 0 7 Updated Jan 26, 2026
View all repositories

Most used topics

Loading…