Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 966 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 304 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 295 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 495 303

Repositories

Showing 10 of 247 repositories
  • docker-login-action Public

    GitHub Action to login against a Docker registry. Secure drop-in replacement for docker/login-action.

    step-security/docker-login-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Feb 25, 2026
  • release-drafter Public

    Drafts your next release notes as pull requests are merged into master. Secure drop-in replacement for release-drafter/release-drafter.

    step-security/release-drafter’s past year of commit activity
    JavaScript 0 ISC 1 1 12 Updated Feb 25, 2026
  • dynamodb-actions Public

    Integrate Github Action with Amazon DynamoDB. Secure drop-in replacement for mooyoul/dynamodb-actions.

    step-security/dynamodb-actions’s past year of commit activity
    TypeScript 3 MIT 4 1 17 Updated Feb 25, 2026
  • gitleaks-action Public

    Protect your secrets using Gitleaks-Action. Secure drop-in replacement for gitleaks/gitleaks-action.

    step-security/gitleaks-action’s past year of commit activity
    TypeScript 0 MIT 1 1 8 Updated Feb 25, 2026
  • maintained-actions-assets Public
    step-security/maintained-actions-assets’s past year of commit activity
    0 0 0 0 Updated Feb 25, 2026
  • action-openfga-deploy Public

    Github Action for deploying your Authorization Model to an OpenFGA Store. Secure drop-in replacement for openfga/action-openfga-deploy.

    step-security/action-openfga-deploy’s past year of commit activity
    0 0 0 1 Updated Feb 25, 2026
  • wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    step-security/wait-for-secrets’s past year of commit activity
    TypeScript 295 Apache-2.0 20 4 19 Updated Feb 25, 2026
  • action-actionlint Public

    run actionlint with reviewdog. Secure drop-in replacement for reviewdog/action-actionlint.

    step-security/action-actionlint’s past year of commit activity
    Dockerfile 1 MIT 1 1 8 Updated Feb 25, 2026
  • depot-setup-action Public

    ▶️ GitHub Action to download and install the Depot CLI. Secure drop-in replacement for depot/setup-action.

    step-security/depot-setup-action’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Feb 25, 2026
  • workflow-dispatch Public

    A GitHub Action for triggering workflows, using the `workflow_dispatch` event. Secure drop-in replacement for benc-uk/workflow-dispatch.

    step-security/workflow-dispatch’s past year of commit activity
    TypeScript 2 MIT 3 1 11 Updated Feb 25, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…