Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.1k 93

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.

    Shell 57 8

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 316 51

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 500 306

Repositories

Showing 10 of 286 repositories
  • trx-parser Public

    This repository contains a Typescript GitHub action for parsing trx files and creating status check for each trx file based on its test outcome. Secure drop-in replacement for NasAmin/trx-parser.

    step-security/trx-parser’s past year of commit activity
    0 0 0 1 Updated Apr 2, 2026
  • synthetics-ci-github-action Public

    Run Synthetic tests in your GitHub workflows with Datadog Continuous Testing. Secure drop-in replacement for DataDog/synthetics-ci-github-action.

    step-security/synthetics-ci-github-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Apr 2, 2026
  • create-json Public

    Github Action to create a .json file to use in other steps of the workflow. Secure drop-in replacement for jsdaniell/create-json.

    step-security/create-json’s past year of commit activity
    JavaScript 0 MIT 3 1 8 Updated Apr 2, 2026
  • tfclean Public

    tfclean is tool to remove applied moved block, import block, etc. Secure drop-in replacement for takaishi/tfclean.

    step-security/tfclean’s past year of commit activity
    Go 0 MIT 1 1 7 Updated Apr 1, 2026
  • action-junit-report Public

    Reports junit test results as GitHub Pull Request Check. Secure drop-in replacement for mikepenz/action-junit-report.

    step-security/action-junit-report’s past year of commit activity
    TypeScript 0 Apache-2.0 1 0 12 Updated Apr 1, 2026
  • mage-action Public

    GitHub Action for Mage. Secure drop-in replacement for magefile/mage-action.

    step-security/mage-action’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Apr 1, 2026
  • semver-utils Public

    One-stop shop for working with semantic versions in your GitHub Actions workflows. Secure drop-in replacement for madhead/semver-utils.

    step-security/semver-utils’s past year of commit activity
    TypeScript 0 MIT 3 1 14 Updated Apr 1, 2026
  • gh-actions-lua Public

    GitHub action for Lua/LuaJIT. Secure drop-in replacement for leafo/gh-actions-lua.

    step-security/gh-actions-lua’s past year of commit activity
    JavaScript 0 MIT 1 1 12 Updated Apr 1, 2026
  • action-semantic-pull-request Public

    GitHub Action that ensures that your PR title matches the Conventional Commits spec. Secure drop-in replacement for amannn/action-semantic-pull-request.

    step-security/action-semantic-pull-request’s past year of commit activity
    JavaScript 1 MIT 4 1 15 Updated Apr 1, 2026
  • ghaction-github-status Public

    GitHub Action to check GitHub Status in your workflow. Secure drop-in replacement for crazy-max/ghaction-github-status.

    step-security/ghaction-github-status’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Apr 1, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…