github actions "security" keyword
View the packages on the github actions package registry that are tagged with the "security" keyword.
Top 0.6% on github actions
25 versions - Latest release: over 1 year ago - 11,383 dependent repositories - 277 stars on GitHub
gradle/wrapper-validation-action v3.5.0
Validates Gradle Wrapper JAR Files25 versions - Latest release: over 1 year ago - 11,383 dependent repositories - 277 stars on GitHub
Top 0.8% on github actions
177 versions - Latest release: 11 days ago - 224 dependent repositories - 2,299 stars on GitHub
oxsecurity/megalinter v9.3.0 💰
Combine all available linters to automatically validate your sources without configuration !177 versions - Latest release: 11 days ago - 224 dependent repositories - 2,299 stars on GitHub
Top 0.9% on github actions
4 versions - Latest release: over 5 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rs/audit-check v1.2.0 💰
Run cargo audit and check for security advisories4 versions - Latest release: over 5 years ago - 2,306 dependent repositories - 157 stars on GitHub
Top 0.3% on github actions
73 versions - Latest release: 5 months ago - 3,327 dependent repositories - 832 stars on GitHub
aquasecurity/trivy-action 0.33.1
Scans container images for vulnerabilities with Trivy73 versions - Latest release: 5 months ago - 3,327 dependent repositories - 832 stars on GitHub
Top 1.5% on github actions
30 versions - Latest release: about 1 year ago - 96 dependent repositories - 697 stars on GitHub
MobSF/mobsfscan 0.4.5 💰
mobsfscan is a SAST that can find insecure code patterns in your Android and iOS source code.30 versions - Latest release: about 1 year ago - 96 dependent repositories - 697 stars on GitHub
Top 1.0% on github actions
18 versions - Latest release: 3 months ago - 497 dependent repositories - 337 stars on GitHub
zaproxy/action-baseline v0.15.0 💰
Scans the web application with the ZAP Baseline Scan18 versions - Latest release: 3 months ago - 497 dependent repositories - 337 stars on GitHub
Top 1.1% on github actions
41 versions - Latest release: 9 months ago - 211 dependent repositories - 243 stars on GitHub
gitleaks/gitleaks-action v2.3.9
run gitleaks on push and pull-request events41 versions - Latest release: 9 months ago - 211 dependent repositories - 243 stars on GitHub
Top 0.6% on github actions
33 versions - Latest release: 4 months ago - 6,465 dependent repositories - 337 stars on GitHub
ossf/scorecard-action v2.4.3
Run OSSF Scorecard checks and output results in SARIF format33 versions - Latest release: 4 months ago - 6,465 dependent repositories - 337 stars on GitHub
dopplerhq/secrets-fetch-action v1.3.1
Fetch Doppler secrets for a specific Project and Config8 versions - Latest release: about 1 month ago
fraim-dev/fraim-action v0.7.0
Run Fraim AI-powered workflows on your code and upload results to GitHub Security tab8 versions - Latest release: 4 months ago - 5 stars on GitHub
Top 6.9% on github actions
Latest release: 3 months ago - 11,408 stars on GitHub
google/oss-fuzz/infra/cifuzz/actions/run_fuzzers
Runs fuzz target binaries for a specified length of time.Latest release: 3 months ago - 11,408 stars on GitHub
lfreleng-actions/sonatype-lifecycle-scan-action v0.1.2
Runs a Sonatype Lifecycle (Nexus IQ) scan3 versions - Latest release: 4 months ago - 0 stars on GitHub
lfreleng-actions/sonarqube-cloud-scan-action v0.1.3
Performs a SonarQube Cloud scan and uploads the results4 versions - Latest release: 4 months ago - 0 stars on GitHub
jskov/action-nexus-publish v1.2
Publish maven artifacts to Maven Central via Portal Publisher API3 versions - Latest release: 9 months ago - 0 stars on GitHub
Top 8.8% on github actions
41 versions - Latest release: 9 months ago - 397 stars on GitHub
zricethezav/gitleaks-action v2.3.9 💰
run gitleaks on push and pull-request events41 versions - Latest release: 9 months ago - 397 stars on GitHub
Top 8.6% on github actions
171 versions - Latest release: 7 months ago - 2,193 stars on GitHub
megalinter/megalinter v8.8.0 💰
Combine all available linters to automatically validate your sources without configuration !171 versions - Latest release: 7 months ago - 2,193 stars on GitHub
bullfrogsec/bullfrog v0.8.4
Block unauthorized outbound traffic (egress) in your Github workflows23 versions - Latest release: 8 months ago - 110 stars on GitHub
lfreleng-actions/python-audit-action v0.2.3
Check Python dependencies for known security vulnerabilities10 versions - Latest release: 3 months ago - 1 stars on GitHub
docker/scout-action v1.18.2
List vulnerabilities in images; find better base images and upload an image SBOM to Docker Scout49 versions - Latest release: 6 months ago - 122 stars on GitHub
GitGuardian/ggshield v1.43.0 removed
Scan commits for security incidents (using repository image)86 versions - Latest release: 5 months ago - 1,821 stars on GitHub
fortify/github-action v2.1.1
Find and fix vulnerabilities to build secure software with Fortify Code Security.35 versions - Latest release: 7 months ago - 16 stars on GitHub
nowsecure/nowsecure-action v5.0.0 removed
The NowSecure Action delivers fast, accurate, automated security analysis of iOS and Android apps...22 versions - Latest release: 3 months ago - 42 stars on GitHub
nowsecure/nowsecure-action/upload-app v4.0.1
Upload an app to NowSecure20 versions - Latest release: over 1 year ago - 42 stars on GitHub
nowsecure/nowsecure-action/convert-sarif v5.0.0
Convert NowSecure assessment to SARIF to be uploaded to GHAS22 versions - Latest release: 3 months ago - 41 stars on GitHub
bugale/bugalint v2.2.0
Convert various linter outputs to standard formats6 versions - Latest release: 9 months ago - 1 dependent repositories - 3 stars on GitHub
Aptori-dev/sift-action v1.0.3
Find business logic and security bugs in your application with Aptori Autonomous API Security Tes...5 versions - Latest release: 4 months ago - 6 stars on GitHub
xvnpw/ai-threat-modeling-action v1.3.4
AI featured threat modeling and security review action24 versions - Latest release: almost 2 years ago - 1 dependent repositories - 45 stars on GitHub
Top 9.9% on github actions
4 versions - Latest release: over 2 years ago - 10 dependent repositories - 27 stars on GitHub
Nekmo/pip-rating v0.2.2
Run pip-rating on the project to get the requirements rating based on criteria like freshness, po...4 versions - Latest release: over 2 years ago - 10 dependent repositories - 27 stars on GitHub
kahu-app/github-action v0.3.1
Dependency security check8 versions - Latest release: over 2 years ago - 0 stars on GitHub
gabrielrufino/mongodump-action v2.0.3 💰
Creates a binary export of a database's contents10 versions - Latest release: 11 months ago - 1 dependent repositories - 2 stars on GitHub
CycodeLabs/cimon-action v0.9.4
Runtime Security Solution for your CI/CD Pipeline26 versions - Latest release: about 2 years ago - 1 dependent repositories - 108 stars on GitHub
UlisesGascon/openssf-scorecard-monitor v1.0.1
Monitor OpenSSF Scorecard evolution over time10 versions - Latest release: almost 3 years ago - 3 dependent repositories - 28 stars on GitHub
Top 7.2% on github actions
13 versions - Latest release: about 3 years ago - 1 dependent repositories - 134 stars on GitHub
GeekMasher/advanced-security-compliance v1.7.0
ghascompliance13 versions - Latest release: about 3 years ago - 1 dependent repositories - 134 stars on GitHub
CrowdStrike/container-image-scan-action v1.4.0
Scan your container image for vulnerabilities and malware14 versions - Latest release: about 1 year ago - 1 dependent repositories - 15 stars on GitHub
Top 6.6% on github actions
11 versions - Latest release: about 3 years ago - 17 dependent repositories - 21 stars on GitHub
ScribeMD/rootless-docker 0.2.2
Run Docker in Rootless Mode to Prevent Permission Errors11 versions - Latest release: about 3 years ago - 17 dependent repositories - 21 stars on GitHub
SecureStackCo/actions-sbom v0.2.0
Create a Software Bill of Materials (SBOM) with SecureStack4 versions - Latest release: over 3 years ago - 1 dependent repositories - 19 stars on GitHub
HCL-TECH-SOFTWARE/appscan-dast-action v1.0.7
Scan for security issues in web applications8 versions - Latest release: 9 months ago - 4 dependent repositories - 2 stars on GitHub
SecureStackCo/actions-log4j v0.1.4
Scans your application for the presence of serious vulnerabilities in Log4j5 versions - Latest release: almost 4 years ago - 1 dependent repositories - 14 stars on GitHub
SecureStackCo/actions-code v0.1.1
Scan your source code in real-time for vulnerable libraries & frameworks you are using. Supports ...2 versions - Latest release: almost 4 years ago - 1 dependent repositories - 18 stars on GitHub
Top 9.9% on github actions
5 versions - Latest release: almost 4 years ago - 13 dependent repositories - 22 stars on GitHub
SecureStackCo/actions-secrets v0.1.3
Scan your source code for sensitive data like API keys, passwords, server host strings, config an...5 versions - Latest release: almost 4 years ago - 13 dependent repositories - 22 stars on GitHub
DVKunion/CollieTrickster v1.1.1
Use Collie to get an free host3 versions - Latest release: almost 3 years ago - 38 stars on GitHub
Top 6.6% on github actions
34 versions - Latest release: over 1 year ago - 1 dependent repositories - 815 stars on GitHub
Legit-Labs/legitify v1.0.11
Legitify GitHub Action34 versions - Latest release: over 1 year ago - 1 dependent repositories - 815 stars on GitHub
Traceableai/ast-action 0.0.5
GitHub action for Traceable Active Security Testing6 versions - Latest release: almost 3 years ago - 1 dependent repositories - 4 stars on GitHub
SecureStackCo/actions-abom v0.1.5
Create an Application Bill of Materials (ABOM) with SecureStack6 versions - Latest release: over 3 years ago - 13 stars on GitHub
malice-labs/fork-sentry 1.0
Detect and alert on suspicious forks of your repository1 version - Latest release: about 4 years ago - 2 stars on GitHub
sudo-bot/action-docker-sign latest
Sign docker images1 version - Latest release: over 4 years ago - 10 dependent repositories - 6 stars on GitHub
mnavarrocarter/authorize-aws-security-group-ingress-action v1.1.0
Creates a inbound rule in an AWS Security Group and deletes it when the job finishes2 versions - Latest release: almost 2 years ago - 9 stars on GitHub
Top 3.8% on github actions
24 versions - Latest release: about 2 years ago - 39 dependent repositories - 50 stars on GitHub
philips-labs/slsa-provenance-action v0.9.0
An action to generate SLSA build provenance for an artifact24 versions - Latest release: about 2 years ago - 39 dependent repositories - 50 stars on GitHub
secrethub/actions v0.2.1
Load secrets into your GitHub workflows3 versions - Latest release: about 5 years ago - 46 stars on GitHub
Top 6.5% on github actions
8 versions - Latest release: over 2 years ago - 4 dependent repositories - 83 stars on GitHub
aquasecurity/tracee-action v0.4.0-stop
Protect your GitHub Actions pipelines with eBPF profiling8 versions - Latest release: over 2 years ago - 4 dependent repositories - 83 stars on GitHub
reposaur/repo-audit-action v0.1.0
Audit your organization's repositories using Reposaur.1 version - Latest release: over 3 years ago - 1 stars on GitHub
operatorequals/gitsign-action v0.3.0
Uses `gitsign` to verify commit signatures of a branch3 versions - Latest release: about 3 years ago - 1 dependent repositories - 4 stars on GitHub
albuch/sbt-dependency-check-action v1.0
Github action to execute sbt-dependency-check as part of a github workflow1 version - Latest release: over 4 years ago - 3 dependent repositories - 1 stars on GitHub
ncino/quack-scan v1.0.3 removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: over 4 years ago - 2 stars on GitHub
kattecon/gh-app-access-token-gen v1.2.0
Generates a GitHub Access Token for a Github App based upon specific inputs.6 versions - Latest release: over 1 year ago - 1 dependent repositories - 2 stars on GitHub
Top 7.2% on github actions
20 versions - Latest release: almost 2 years ago - 74 dependent repositories - 12 stars on GitHub
jbergstroem/hadolint-gh-action v1.12.2
A stable, well-tested, highly configurable way of checking your Dockerfile(s) with Hadolint20 versions - Latest release: almost 2 years ago - 74 dependent repositories - 12 stars on GitHub
Top 9.5% on github actions
9 versions - Latest release: over 2 years ago - 88 dependent repositories - 14 stars on GitHub
erzz/dockle-action v1.4.0
Lint & Best Practices for container images with integrations to Github UI9 versions - Latest release: over 2 years ago - 88 dependent repositories - 14 stars on GitHub
lnavarrocarter/actions-rules-repository 1.1.4
Add rules repository labels to issues and pull requests.7 versions - Latest release: over 2 years ago - 1 dependent repositories - 1 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: almost 3 years ago - 0 stars on GitHub
trendmicro/cloudone-container-security-github-action 1.0.11
Scan container images with Vision One Container Security12 versions - Latest release: about 1 year ago - 7 stars on GitHub
dlint-py/dlint-action 1.0.0
A tool for encouraging best coding practices and helping ensure we're writing secure Python code.1 version - Latest release: almost 6 years ago - 1 dependent repositories - 0 stars on GitHub
hoeg/semgrep-report v1.0.2
Report Semgrep findimgs to PRs with suggested changes5 versions - Latest release: over 2 years ago - 0 stars on GitHub
recognizegroup/recognize-vulnerability-report-action v1.1.0
Create a report of the vulnerabilities that are found and add it as a comment to a pull request.3 versions - Latest release: about 3 years ago - 1 dependent repositories - 0 stars on GitHub
awslabs/aws-lc-verification removed
Check SAW proofs to verify AWS-LC against Cryptol specsLatest release: over 2 years ago - 57 stars on GitHub
Top 3.5% on github actions
11 versions - Latest release: 8 months ago - 65 dependent repositories - 38 stars on GitHub
stackrox/kube-linter-action v1.0.7
Scan directory or file with kube-linter11 versions - Latest release: 8 months ago - 65 dependent repositories - 38 stars on GitHub
Top 3.8% on github actions
16 versions - Latest release: over 1 year ago - 131 dependent repositories - 76 stars on GitHub
pypa/gh-action-pip-audit v1.1.0 💰
Use pip-audit to scan Python dependencies for known vulnerabilities16 versions - Latest release: over 1 year ago - 131 dependent repositories - 76 stars on GitHub
Top 5.2% on github actions
86 versions - Latest release: 4 months ago - 73 dependent repositories - 21 stars on GitHub
checkmarx/ast-github-action 2.3.27
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...86 versions - Latest release: 4 months ago - 73 dependent repositories - 21 stars on GitHub
Top 6.2% on github actions
9 versions - Latest release: over 3 years ago - 33 dependent repositories - 28 stars on GitHub
apisec-inc/ethicalcheck-action v1.0.6 removed
Free & Instant API Penetration Testing Service9 versions - Latest release: over 3 years ago - 33 dependent repositories - 28 stars on GitHub
Top 4.1% on github actions
8 versions - Latest release: over 2 years ago - 114 dependent repositories - 23 stars on GitHub
apisec-inc/apisec-run-scan v1.0.7
Continuous, automated, comprehensive API Security Testing8 versions - Latest release: over 2 years ago - 114 dependent repositories - 23 stars on GitHub
hashicorp/setup-signore v3.0.0
setup-signore downloads, installs, and configures the signore signing service client10 versions - Latest release: over 1 year ago - 9 dependent repositories - 0 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 4 years ago - 1 dependent repositories - 9 stars on GitHub
occmundial/action-cve-clone v2.0.2
Send GitHub vulnerability alerts to multiple platforms like Slack, PagerDuty.6 versions - Latest release: over 3 years ago - 0 stars on GitHub
SeisoLLC/goat v2025.07.01
Apply Seiso's standard testing77 versions - Latest release: 6 months ago - 14 stars on GitHub
bashofmann/neuvector-image-scan-action
Scans a container image for vulnerabilities with [NeuVector](https://neuvector.com)Latest release: 8 months ago - 1 stars on GitHub
VCTLabs/bandit-report-artifacts v0.0.3
Github action to find common security issues in Python code and get its report as a artifact.5 versions - Latest release: 10 months ago - 4 dependent repositories - 3 stars on GitHub
Staffbase/npm-audit-fix-action v4.0.10
Run `npm audit fix` and create a pull request58 versions - Latest release: over 3 years ago - 3 dependent repositories - 0 stars on GitHub
silverhack/monkey365 v0.95.8
Install and run PSScriptAnalyzer18 versions - Latest release: 4 months ago - 1,191 stars on GitHub
Top 7.1% on github actions
7 versions - Latest release: almost 5 years ago - 3 dependent repositories - 31 stars on GitHub
checkmarx-ts/checkmarx-github-action v1.0.6
Find vulnerabilities in your code using Checkmarx SAST solution7 versions - Latest release: almost 5 years ago - 3 dependent repositories - 31 stars on GitHub
nuwaycloud/trivy-action v0.0.3
GitHub action to scan docker images for vulnerability issues using trivy.3 versions - Latest release: about 1 year ago - 1 stars on GitHub
tenable/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: about 3 years ago - 12 stars on GitHub
ghr-actions/settings-check v0.1.0
Checks that a GitHub repos settings line up with a specification1 version - Latest release: over 4 years ago - 1 dependent repositories - 3 stars on GitHub
embold/github-action-docker v0.2
Embold design and code quality scanning engine2 versions - Latest release: over 4 years ago - 1 dependent repositories - 4 stars on GitHub
Top 8.5% on github actions
6 versions - Latest release: over 2 years ago - 7 dependent repositories - 11 stars on GitHub
federacy/scan-action 0.1.5
SAST and Dependency Scanning6 versions - Latest release: over 2 years ago - 7 dependent repositories - 11 stars on GitHub
daltonmenezes/discord-guardian-action v1.1.0 💰
Fetches the list of malicious domains on Discord in different providers and creates/updates a JSO...3 versions - Latest release: almost 4 years ago - 1 dependent repositories - 7 stars on GitHub
chaitin/veinmind-action v1.0.5
Scan images for security issues with veinmind-tools6 versions - Latest release: almost 3 years ago - 2 dependent repositories - 8 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 3 years ago - 48 dependent repositories - 4 stars on GitHub
Top 8.9% on github actions
13 versions - Latest release: over 2 years ago - 23 dependent repositories - 10 stars on GitHub
ossillate-inc/packj-github-action v0.0.12-beta
Use Packj to avoid malicious and other "risky" open-source software dependencies13 versions - Latest release: over 2 years ago - 23 dependent repositories - 10 stars on GitHub
Top 3.4% on github actions
12 versions - Latest release: 3 months ago - 70 dependent repositories - 60 stars on GitHub
zaproxy/action-api-scan v0.10.0 💰
Scans the web application with the ZAP API Scan12 versions - Latest release: 3 months ago - 70 dependent repositories - 60 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: almost 3 years ago - 4 dependent repositories - 7 stars on GitHub
Top 2.6% on github actions
5 versions - Latest release: about 3 years ago - 162 dependent repositories - 138 stars on GitHub
symfonycorp/security-checker-action v5
Checks composer.json for known vulnerabilities in your package dependencies5 versions - Latest release: about 3 years ago - 162 dependent repositories - 138 stars on GitHub
druidfi/security-checker-action v1
Checks composer.json for known available security updates in your package dependencies1 version - Latest release: over 3 years ago - 1 dependent repositories - 0 stars on GitHub
Top 9.1% on github actions
8 versions - Latest release: over 1 year ago - 9 dependent repositories - 9 stars on GitHub
nowsecure/nowsecure-sbom-action v3.0.0
Generate a Mobile SBOM for an application and submit to the Dependency submission API8 versions - Latest release: over 1 year ago - 9 dependent repositories - 9 stars on GitHub
geritol/write-guard v0.4.0
Enforce file level write access for monorepos6 versions - Latest release: about 4 years ago - 1 dependent repositories - 8 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: over 3 years ago - 15 dependent repositories - 2 stars on GitHub
Top 6.1% on github actions
85 versions - Latest release: 5 months ago - 22 dependent repositories - 21 stars on GitHub
Checkmarx/ast-github-action 2.3.26
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...85 versions - Latest release: 5 months ago - 22 dependent repositories - 21 stars on GitHub
Top 3.2% on github actions
41 versions - Latest release: 8 months ago - 73 dependent repositories - 221 stars on GitHub
trunk-io/trunk-action v1.2.4
The official trunk.io GitHub action41 versions - Latest release: 8 months ago - 73 dependent repositories - 221 stars on GitHub
Top 2.9% on github actions
34 versions - Latest release: 9 months ago - 88 dependent repositories - 46 stars on GitHub
oke-py/npm-audit-action v3.0.0
run npm audit34 versions - Latest release: 9 months ago - 88 dependent repositories - 46 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: almost 6 years ago - 0 stars on GitHub
Top 5.9% on github actions
18 versions - Latest release: over 2 years ago - 88 dependent repositories - 24 stars on GitHub
ForAllSecure/mapi-action v2.0.0
Automatically test your REST APIs with your OpenAPI specs and Postman collections18 versions - Latest release: over 2 years ago - 88 dependent repositories - 24 stars on GitHub
Top 2.8% on github actions
49 versions - Latest release: almost 6 years ago - 14 dependent repositories - 1,987 stars on GitHub
lirantal/is-website-vulnerable 1.15.10
Scans a URL for publicly known JavaScript library vulnerabilities49 versions - Latest release: almost 6 years ago - 14 dependent repositories - 1,987 stars on GitHub
Related Keywords
github-actions
80
security-tools
33
devsecops
32
actions
27
security-automation
22
action
22
static-analysis
22
continuous-integration
14
hacktoberfest
13
python
13
security-audit
12
ci
12
github-action
12
secrets
10
github
10
scanning
10
vulnerability-detection
10
sast
10
security-scanner
9
devops
9
cicd
9
analysis
8
compliance
8
docker
8
aws
8
lint
7
vulnerability
7
scan
6
vulnerabilities
6
linter
6
sarif-report
6
golang
6
code-quality
6
vulnerability-scanner
5
dast
5
security-vulnerability
5
kubernetes
5
supply-chain-security
5
testing
5
workflow
5
appsec
5
terraform
5
deployment
5
container
5
vulnerability-scanners
5
secret-management
5
security-scan
4
security-testing
4
automation
4
secrets-management
4
static-code-analysis
4
software-composition-analysis
4
deployment-automation
4
frida
4
nowsecure
4
containers
4
cve
4
code-scanning
4
java
4
kotlin
4
secrets-detection
3
scanner
3
dependabot
3
dependency
3
php
3
audit
3
nodejs
3
megalinter
3
sca
3
sbom
3
appscan
3
dynamic-analysis
3
marketplace
3
linters
3
iam
3
azure
3
npm
3
test
3
code-review
3
checkmarx
3
review
3
sarif
3
code
3
supply-chain
3
ruby
3
rails
3
secrets-manager
3
parasoft
2
gitlab-ci
2
openssf-scorecard
2
bridgecrew
2
secret-scanning
2
groovy
2
authentication
2
jenkins
2
secrets-scan
2
deployment-pipeline
2
codeql
2
markdown
2
malware-detection
2