Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1.2k 103

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    Go 145 17

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 326 52

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 508 316

Repositories

Showing 10 of 359 repositories
  • install-jq-action Public

    Multiplatform jq installer action. Secure drop-in replacement for dcarbone/install-jq-action.

    step-security/install-jq-action’s past year of commit activity
    Shell 0 Apache-2.0 1 1 6 Updated May 30, 2026
  • setup-chrome Public

    Set up your GitHub Actions workflow with a specific version of chromium. Secure drop-in replacement for browser-actions/setup-chrome.

    step-security/setup-chrome’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated May 30, 2026
  • codecov-action Public

    GitHub Action that uploads coverage to Codecov ☂️. Secure drop-in replacement for codecov/codecov-action.

    step-security/codecov-action’s past year of commit activity
    Python 0 MIT 1 1 5 Updated May 30, 2026
  • saucectl-run-action Public

    GitHub Action for running saucectl test suites. Secure drop-in replacement for saucelabs/saucectl-run-action.

    step-security/saucectl-run-action’s past year of commit activity
    JavaScript 0 MIT 1 1 10 Updated May 29, 2026
  • api-use-cases Public

    Practical examples for using the StepSecurity API to answer real supply chain security questions

    step-security/api-use-cases’s past year of commit activity
    Shell 0 Apache-2.0 1 0 0 Updated May 29, 2026
  • run-windows-docker-container-action Public

    Action to run windows containers. Secure drop-in replacement for philips-software/run-windows-docker-container-action.

    step-security/run-windows-docker-container-action’s past year of commit activity
    PowerShell 0 MIT 1 1 6 Updated May 29, 2026
  • dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

    step-security/dev-machine-guard’s past year of commit activity
    Go 145 Apache-2.0 17 20 10 Updated May 29, 2026
  • actions-rs-toolchain Public

    🛠️ GitHub Action for `rustup` commands. Secure drop-in replacement for actions-rs/toolchain.

    step-security/actions-rs-toolchain’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated May 29, 2026
  • synthetics-ci-github-action Public

    Run Synthetic tests in your GitHub workflows with Datadog Continuous Testing. Secure drop-in replacement for DataDog/synthetics-ci-github-action.

    step-security/synthetics-ci-github-action’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 10 Updated May 29, 2026
  • terraform-provider-stepsecurity Public

    terraform provider for step-security

    step-security/terraform-provider-stepsecurity’s past year of commit activity
    Go 0 Apache-2.0 4 1 3 Updated May 29, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…