Third-party GitHub Actions with high scores should be used
This check passes if each Action used in the job has a security score of 6 or above.
Using Actions with a high security score reduces the likelihood of compromise.
Use StepSecurity Maintained Actions instead of third-party Actions with a low score.
1. Navigate to the dashboard.
2. Click Overview.
3. Click "Third-party GitHub Actions with high scores should be used."
4. View all the failed workflows.
5. View the "Actions with low scores" tab to see all actions with low scores.
6. View the "Replace with" tab to see the recommended StepSecurity Actions to replace the actions with low scores.
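
The pass condition above (every Action used in a job scores 6 or above) can be illustrated with the following added example, which is not StepSecurity's implementation or code from this page. It groups step-level `uses:` references by job and returns the jobs that fail; the workflow fragment, action names, scores, the first-party owner list, and the rule that an unscored Action fails are all assumptions constructed for the example.

```python
import re

THRESHOLD = 6                        # pass mark stated on the page
FIRST_PARTY = {"actions", "github"}  # assumption: GitHub-owned orgs are not third-party
# Constructed workflow fragment and scores; action names are hypothetical.
WORKFLOW = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/setup-tool@v2
  release:
    steps:
      - uses: ./.github/actions/local-step
      - uses: example-org/upload-artifact@1a2b3c4
      - name: notify
        uses: "other-org/notify/sub@v1"
"""
SCORES = {"example-org/setup-tool": 8, "example-org/upload-artifact": 4}
JOB_RE = re.compile(r"^  ([A-Za-z_][\w-]*):\s*$")  # assumes 2-space indentation
# Indent >= 6 keeps step-level `uses:` and skips job-level reusable workflows.
USES_RE = re.compile(r"^\s{6,}(?:-\s+)?uses:\s*['\"]?([^'\"\s#]+)")

def actions_by_job(text):
    """Map each job name to the third-party owner/repo values its steps use."""
    jobs, current, in_jobs = {}, None, False
    for line in text.splitlines():
        if line[:1].strip():                 # a top-level key starts a new section
            in_jobs, current = line.startswith("jobs:"), None
        elif in_jobs and (m := JOB_RE.match(line)):
            current = m.group(1)
            jobs[current] = []
        elif current and (m := USES_RE.match(line)):
            ref = m.group(1)
            if ref.startswith(("./", "docker://")):
                continue                     # local and container steps are skipped
            owner, repo = ref.split("@")[0].split("/")[:2]
            if owner not in FIRST_PARTY:
                jobs[current].append(f"{owner}/{repo}")
    return jobs

def failing_jobs(text, scores, threshold=THRESHOLD):
    """Return {job: [(action, score or None)]} for jobs that fail the check."""
    failed = {}
    for job, actions in actions_by_job(text).items():
        low = [(a, scores.get(a)) for a in actions if scores.get(a, -1) < threshold]
        if low:
            failed[job] = low
    return failed
```

Calling `failing_jobs(WORKFLOW, SCORES)` reports only the `release` job, listing the Action scored 4 and the unscored one.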