Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 962 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 303 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 294 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 494 303

Repositories

Showing 10 of 238 repositories
  • release-drafter Public

    Drafts your next release notes as pull requests are merged into master. Secure drop-in replacement for release-drafter/release-drafter.

    step-security/release-drafter’s past year of commit activity
    JavaScript 0 ISC 1 1 12 Updated Feb 12, 2026
  • deployment-status Public

    GitHub action to create a deployment status update. Secure drop-in replacement for chrnorm/deployment-status.

    step-security/deployment-status’s past year of commit activity
    TypeScript 0 MIT 1 0 11 Updated Feb 12, 2026
  • setup-jfrog-cli Public

    Set up JFrog CLI in your GitHub Actions workflow. Secure drop-in replacement for jfrog/setup-jfrog-cli.

    step-security/setup-jfrog-cli’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 11 Updated Feb 12, 2026
  • action-semantic-demo Public
    step-security/action-semantic-demo’s past year of commit activity
    TypeScript 0 Apache-2.0 0 2 39 Updated Feb 12, 2026
  • gha-setup-swift Public

    Setup Swift (on Windows) on GitHub Actions Builders. Secure drop-in replacement for compnerd/gha-setup-swift.

    step-security/gha-setup-swift’s past year of commit activity
    0 0 0 1 Updated Feb 12, 2026
  • add-and-commit Public

    :octocat: Automatically commit changes made in your workflow run directly to your repo. Secure drop-in replacement for EndBug/add-and-commit.

    step-security/add-and-commit’s past year of commit activity
    0 0 0 1 Updated Feb 12, 2026
  • deployment-action Public

    GitHub action to create a Deployment. Secure drop-in replacement for chrnorm/deployment-action.

    step-security/deployment-action’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Feb 12, 2026
  • mise-action Public

    jdx/mise-action is a GitHub Action that integrates the mise tool into your CI/CD workflows. Secure drop-in replacement for jdx/mise-action.

    step-security/mise-action’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Feb 12, 2026
  • trigger-workflow-and-wait Public

    Trigger a workflow in another (or same) repository and wait for the job to finish. Secure drop-in replacement for convictional/trigger-workflow-and-wait.

    step-security/trigger-workflow-and-wait’s past year of commit activity
    Shell 0 MIT 1 1 6 Updated Feb 12, 2026
  • gha-setup-vsdevenv Public

    GitHub Action to setup the VS dev environment for the job. Secure drop-in replacement for compnerd/gha-setup-vsdevenv.

    step-security/gha-setup-vsdevenv’s past year of commit activity
    JavaScript 0 MIT 1 0 7 Updated Feb 12, 2026
View all repositories

Top languages

Loading…