Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 936 82

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 303 50

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 294 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 488 302

Repositories

Showing 10 of 201 repositories
  • get-secretmanager-secrets Public

    A GitHub Action for accessing secrets from Google Secret Manager and making them available as outputs. Secure drop-in replacement for google-github-actions/get-secretmanager-secrets.

    step-security/get-secretmanager-secrets’s past year of commit activity
    TypeScript 0 Apache-2.0 1 0 9 Updated Jan 2, 2026
  • setup-uv Public

    Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/. Secure drop-in replacement for astral-sh/setup-uv.

    step-security/setup-uv’s past year of commit activity
    0 0 0 1 Updated Jan 1, 2026
  • create-pull-request Public

    A GitHub action to create a pull request for changes to your repository in the actions workspace. Secure drop-in replacement for peter-evans/create-pull-request.

    step-security/create-pull-request’s past year of commit activity
    0 0 0 1 Updated Jan 1, 2026
  • aqua-installer Public

    Install aqua securely and quickly. Secure drop-in replacement for aquaproj/aqua-installer.

    step-security/aqua-installer’s past year of commit activity
    0 0 0 1 Updated Jan 1, 2026
  • octocov-action Public

    :octocat: GitHub Action for octocov. Secure drop-in replacement for k1LoW/octocov-action.

    step-security/octocov-action’s past year of commit activity
    0 MIT 1 0 4 Updated Dec 31, 2025
  • mozilla-sops-action Public

    GitHub Action for installing Sops. Secure drop-in replacement for mdgreenwald/mozilla-sops-action.

    step-security/mozilla-sops-action’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Dec 31, 2025
  • fetch-gh-release-asset Public

    Github Action to download an asset from a Github release. Secure drop-in replacement for dsaltares/fetch-gh-release-asset.

    step-security/fetch-gh-release-asset’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Dec 31, 2025
  • gh-setup Public

    :octocat: Setup asset of Github releases. Secure drop-in replacement for k1LoW/gh-setup.

    step-security/gh-setup’s past year of commit activity
    Go 0 MIT 1 1 4 Updated Dec 31, 2025
  • action-download-artifact Public

    ⚙️ A GitHub Action to download an artifact associated with given workflow and commit or other criteria. Secure drop-in replacement for dawidd6/action-download-artifact.

    step-security/action-download-artifact’s past year of commit activity
    JavaScript 0 MIT 1 1 5 Updated Dec 30, 2025
  • action-golangci-lint Public

    Run golangci-lint with reviewdog. Secure drop-in replacement for reviewdog/action-golangci-lint.

    step-security/action-golangci-lint’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Dec 30, 2025
View all repositories