Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 967 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 304 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 295 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 495 303

Repositories

Showing 10 of 248 repositories
  • wait-on-action Public

    A GitHub Action variant of the wait-on package (npmjs.com/package/wait-on). Secure drop-in replacement for iFaxity/wait-on-action.

    step-security/wait-on-action’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Feb 27, 2026
  • edit-release Public

    A GitHub Action for editing an existing release. Secure drop-in replacement for irongut/EditRelease.

    step-security/edit-release’s past year of commit activity
    C# 0 MIT 1 0 6 Updated Feb 26, 2026
  • rdme Public

    ReadMe's official command-line interface (CLI) and GitHub Action 🌊. Secure drop-in replacement for readmeio/rdme.

    step-security/rdme’s past year of commit activity
    0 0 0 2 Updated Feb 26, 2026
  • action-download-artifact Public

    ⚙️ A GitHub Action to download an artifact associated with given workflow and commit or other criteria. Secure drop-in replacement for dawidd6/action-download-artifact.

    step-security/action-download-artifact’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Feb 26, 2026
  • read-yaml Public

    A GitHub Action to read yaml files. Secure drop-in replacement for jbutcher5/read-yaml.

    step-security/read-yaml’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Feb 26, 2026
  • action-openfga-deploy Public

    Github Action for deploying your Authorization Model to an OpenFGA Store. Secure drop-in replacement for openfga/action-openfga-deploy.

    step-security/action-openfga-deploy’s past year of commit activity
    0 Apache-2.0 1 0 4 Updated Feb 26, 2026
  • harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

    step-security/harden-runner’s past year of commit activity
    TypeScript 967 Apache-2.0 83 19 23 Updated Feb 26, 2026
  • agent-ebpf Public

    Agent for GitHub Actions runners

    step-security/agent-ebpf’s past year of commit activity
    1 0 0 0 Updated Feb 26, 2026
  • action-install-gh-release Public

    GitHub Action to install the Github Release binaries. Secure drop-in replacement for jaxxstorm/action-install-gh-release.

    step-security/action-install-gh-release’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated Feb 26, 2026
  • gitleaks-action Public

    Protect your secrets using Gitleaks-Action. Secure drop-in replacement for gitleaks/gitleaks-action.

    step-security/gitleaks-action’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Feb 26, 2026
View all repositories

Most used topics

Loading…