Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 855 74

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 294 47

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 288 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 478 285

Repositories

Showing 10 of 119 repositories
  • arm-int-tests Public
    step-security/arm-int-tests’s past year of commit activity
    Go 0 4 4,215 14 Updated Jul 25, 2025
  • google-github-auth Public

    A GitHub Action for authenticating to Google Cloud. Secure drop-in replacement for google-github-actions/auth.

    step-security/google-github-auth’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 8 Updated Jul 25, 2025
  • reusable-workflows Public

    StepSecurity Reusable Workflows

    step-security/reusable-workflows’s past year of commit activity
    0 MIT 3 1 8 Updated Jul 25, 2025
  • action-misspell Public

    Run misspell with reviewdog. Secure drop-in replacement for reviewdog/action-misspell.

    step-security/action-misspell’s past year of commit activity
    Shell 0 MIT 1 1 6 Updated Jul 25, 2025
  • publish-unit-test-result-action Public

    GitHub Action to publish unit test results on GitHub. Secure drop-in replacement for EnricoMi/publish-unit-test-result-action.

    step-security/publish-unit-test-result-action’s past year of commit activity
    Python 0 Apache-2.0 4 1 22 Updated Jul 25, 2025
  • mise-action Public

    jdx/mise-action is a GitHub Action that integrates the mise tool into your CI/CD workflows. Secure drop-in replacement for jdx/mise-action.

    step-security/mise-action’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jul 25, 2025
  • get-cmake Public

    Install and Cache latest CMake and Ninja for your workflows on your GitHub. Secure drop-in replacement for lukka/get-cmake.

    step-security/get-cmake’s past year of commit activity
    TypeScript 0 MIT 1 1 13 Updated Jul 25, 2025
  • conventional-pr-title-action Public

    Ensure your PR title matches the Conventional Commits spec. Secure drop-in replacement for aslafy-z/conventional-pr-title-action.

    step-security/conventional-pr-title-action’s past year of commit activity
    JavaScript 0 MIT 3 1 14 Updated Jul 24, 2025
  • r-lib-actions Public

    GitHub Actions for the R community. Secure drop-in replacement for r-lib/actions.

    step-security/r-lib-actions’s past year of commit activity
    TypeScript 0 CC0-1.0 1 1 32 Updated Jul 24, 2025
  • vitest-coverage-report-action Public

    A GitHub Action to report vitest test coverage results. Secure drop-in replacement for davelosert/vitest-coverage-report-action.

    step-security/vitest-coverage-report-action’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jul 24, 2025
View all repositories