Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 1k 92

  2. dev-machine-guard dev-machine-guard Public

    Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.

    Shell 48 8

  3. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 311 50

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 496 305

Repositories

Showing 10 of 277 repositories
  • lock-threads Public

    GitHub Action that locks closed issues, pull requests and discussions after a period of inactivity. Secure drop-in replacement for dessant/lock-threads.

    step-security/lock-threads’s past year of commit activity
    JavaScript 0 MIT 1 1 9 Updated Mar 24, 2026
  • install-poetry Public

    Github action for installing and configuring Poetry. Secure drop-in replacement for snok/install-poetry.

    step-security/install-poetry’s past year of commit activity
    Shell 0 MIT 1 1 6 Updated Mar 24, 2026
  • setup-class-hash Public

    Github Action for making starknet-class-hash available in your workflows. Secure drop-in replacement for ericnordelo/setup-class-hash.

    step-security/setup-class-hash’s past year of commit activity
    JavaScript 0 MIT 1 1 11 Updated Mar 24, 2026
  • file-existence-action Public

    📁 :octocat: GitHub Action to check for file existence. Secure drop-in replacement for andstor/file-existence-action.

    step-security/file-existence-action’s past year of commit activity
    TypeScript 0 MIT 1 1 12 Updated Mar 24, 2026
  • create-issue-from-file Public

    A GitHub action to create an issue using content from a file. Secure drop-in replacement for peter-evans/create-issue-from-file.

    step-security/create-issue-from-file’s past year of commit activity
    TypeScript 0 MIT 1 0 9 Updated Mar 24, 2026
  • cypress-io-github-action Public

    GitHub Action for running Cypress end-to-end & component tests. Secure drop-in replacement for cypress-io/github-action.

    step-security/cypress-io-github-action’s past year of commit activity
    JavaScript 0 MIT 1 0 26 Updated Mar 24, 2026
  • action-create-branch Public

    Github action to create a branch. Secure drop-in replacement for peterjgrainger/action-create-branch.

    step-security/action-create-branch’s past year of commit activity
    0 0 0 1 Updated Mar 24, 2026
  • reusable-workflows Public

    StepSecurity Reusable Workflows

    step-security/reusable-workflows’s past year of commit activity
    Go 0 MIT 3 1 6 Updated Mar 24, 2026
  • gitleaks-action Public

    Protect your secrets using Gitleaks-Action. Secure drop-in replacement for gitleaks/gitleaks-action.

    step-security/gitleaks-action’s past year of commit activity
    TypeScript 0 MIT 1 1 9 Updated Mar 24, 2026
  • repo-sync-pull-request Public

    ⤵️ A GitHub Action for creating pull requests. Secure drop-in replacement for repo-sync/pull-request.

    step-security/repo-sync-pull-request’s past year of commit activity
    Shell 0 MIT 1 0 5 Updated Mar 24, 2026
View all repositories