Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1k 92

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.

    Shell 47 7

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 311 50

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 496 303

Repositories

Showing 10 of 277 repositories
  • ghaction-setup-docker Public

    GitHub Action to set up (download and install) Docker CE. Secure drop-in replacement for docker/setup-docker-action.

    step-security/ghaction-setup-docker’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 15 Updated Mar 23, 2026
  • action-download-artifact Public

    ⚙️ A GitHub Action to download an artifact associated with given workflow and commit or other criteria. Secure drop-in replacement for dawidd6/action-download-artifact.

    step-security/action-download-artifact’s past year of commit activity
    JavaScript 0 MIT 1 1 10 Updated Mar 23, 2026
  • setup-jfrog-cli Public

    Set up JFrog CLI in your GitHub Actions workflow. Secure drop-in replacement for jfrog/setup-jfrog-cli.

    step-security/setup-jfrog-cli’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 11 Updated Mar 23, 2026
  • sccache-action Public

    sccache github action. Secure drop-in replacement for Mozilla-Actions/sccache-action.

    step-security/sccache-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 11 Updated Mar 23, 2026
  • test-reporting Public

    Displays test results from popular testing frameworks directly in GitHub. Secure drop-in replacement for phoenix-actions/test-reporting.

    step-security/test-reporting’s past year of commit activity
    TypeScript 0 MIT 1 1 21 Updated Mar 23, 2026
  • dynamodb-actions Public

    Integrate Github Action with Amazon DynamoDB. Secure drop-in replacement for mooyoul/dynamodb-actions.

    step-security/dynamodb-actions’s past year of commit activity
    TypeScript 4 MIT 4 1 16 Updated Mar 23, 2026
  • gradle-actions Public

    A collection of GitHub Actions to accelerate your Gradle Builds on GitHub. Secure drop-in replacement for gradle/actions.

    step-security/gradle-actions’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Mar 23, 2026
  • publish-crates Public

    GitHub action to get easy publishing of Rust crates. Secure drop-in replacement for katyo/publish-crates.

    step-security/publish-crates’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Mar 23, 2026
  • test-summary-action Public

    Show a helpful summary of test results in GitHub Actions CI/CD workflow runs. Secure drop-in replacement for test-summary/action.

    step-security/test-summary-action’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Mar 23, 2026
  • increment Public

    Action to increment a repository variable. Secure drop-in replacement for action-pack/increment.

    step-security/increment’s past year of commit activity
    JavaScript 1 MIT 1 1 17 Updated Mar 23, 2026
View all repositories