Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 96

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Shell 95 11

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 317 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 502 311

Repositories

Showing 10 of 297 repositories
  • setup-kubectl Public

    GitHub Action for installing Kubectl. Secure drop-in replacement for Azure/setup-kubectl.

    step-security/setup-kubectl’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Apr 13, 2026
  • assign-author Public

    GitHub Actions to assign author to issue or PR. Secure drop-in replacement for technote-space/assign-author.

    step-security/assign-author’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 13, 2026
  • action-discord Public

    🚀 GitHub Action that sends a Discord message. . Secure drop-in replacement for Ilshidur/action-discord.

    step-security/action-discord’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Apr 13, 2026
  • setup-xcode Public

    Set up your GitHub Actions workflow with a specific version of Xcode. Secure drop-in replacement for maxim-lobanov/setup-xcode.

    step-security/setup-xcode’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Apr 13, 2026
  • release-github-actions Public

    GitHub Actions to automate the release of GitHub Actions. Secure drop-in replacement for technote-space/release-github-actions.

    step-security/release-github-actions’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Apr 13, 2026
  • add-and-commit Public

    :octocat: Automatically commit changes made in your workflow run directly to your repo. Secure drop-in replacement for EndBug/add-and-commit.

    step-security/add-and-commit’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Apr 13, 2026
  • google-github-auth Public

    A GitHub Action for authenticating to Google Cloud. Secure drop-in replacement for google-github-actions/auth.

    step-security/google-github-auth’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 6 Updated Apr 13, 2026
  • github-actions-pr-is-linked-to-work-item Public

    Check for linked Azure DevOps work item. Secure drop-in replacement for danhellem/github-actions-pr-is-linked-to-work-item.

    step-security/github-actions-pr-is-linked-to-work-item’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 13, 2026
  • git-auto-commit-action Public

    Automatically commit and push changed files back to GitHub with this GitHub Action for the 80% use case. Secure drop-in replacement for stefanzweifel/git-auto-commit-action.

    step-security/git-auto-commit-action’s past year of commit activity
    Shell 0 MIT 1 1 11 Updated Apr 13, 2026
  • action-swiftlint Public

    GitHub Action for SwiftLint. Secure drop-in replacement for norio-nomura/action-swiftlint.

    step-security/action-swiftlint’s past year of commit activity
    Swift 0 MIT 1 1 6 Updated Apr 13, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…