ossf/scorecard-action external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/scorecard-action

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/scorecard-action)

Close

ossf / scorecard-actionView on GitHubMore

• External links
• Readme badge

Official GitHub Action for OpenSSF Scorecard.

☆376Apr 29, 2026Updated this week

Alternatives and similar repositories for scorecard-action

Users that are interested in scorecard-action are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / scorecard

  View on GitHub
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,416Updated this week
• step-security / secure-repo

  View on GitHub
  Orchestrate GitHub Actions Security
  ☆321Updated this week
• ossf / scorecard-webapp

  View on GitHub
  Website and API for OpenSSF Scorecard
  ☆28Updated this week
• step-security / harden-runner

  View on GitHub
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆1,106Apr 20, 2026Updated 2 weeks ago
• slsa-framework / slsa-github-generator

  View on GitHub
  Language-agnostic SLSA provenance generation for Github Actions
  ☆571Mar 29, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• actions / dependency-review-action

  View on GitHub
  A GitHub Action for detecting vulnerable dependencies and invalid licenses in your PRs
  ☆851Apr 23, 2026Updated last week
• GitHubSecurityLab / actions-permissions

  View on GitHub
  GitHub token permissions Monitor and Advisor actions
  ☆361Jan 31, 2026Updated 3 months ago
• slsa-framework / slsa-verifier

  View on GitHub
  Verify provenance from SLSA compliant builders
  ☆321Mar 9, 2026Updated last month
• sigstore / cosign-installer

  View on GitHub
  Cosign Github Action
  ☆196Apr 13, 2026Updated 3 weeks ago
• ossf / scorecard-monitor

  View on GitHub
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆48Apr 25, 2026Updated last week
• slsa-framework / github-actions-demo

  View on GitHub
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Nov 1, 2022Updated 3 years ago
• eBay / sbom-scorecard

  View on GitHub
  Generate a score for your sbom to understand if it will actually be useful.
  ☆242Aug 13, 2024Updated last year
• actions / attest-sbom

  View on GitHub
  Action for generating SBOM attestations for workflow artifacts
  ☆46Mar 18, 2026Updated last month
• ossf / allstar

  View on GitHub
  GitHub App to set and enforce security policies
  ☆1,416Apr 28, 2026Updated last week
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• advanced-security / ghas-to-csv

  View on GitHub
  Play with GHAS API to provide posture data over time
  ☆42Mar 30, 2026Updated last month
• philips-labs / slsa-provenance-action

  View on GitHub
  Github Action implementation of SLSA Provenance Generation
  ☆50Apr 27, 2026Updated last week
• github-community-projects / evergreen

  View on GitHub
  GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…
  ☆224Updated this week
• ossf / scorecard-visualizer

  View on GitHub
  Tool for visualizing the Open SSF Scorecard Api data in a human friendly way
  ☆18Apr 27, 2026Updated last week
• github / lock

  View on GitHub
  Lock Action to support deployment locking for the branch-deploy Action
  ☆55Mar 1, 2026Updated 2 months ago
• GeekMasher / advanced-security-compliance

  View on GitHub
  GitHub Advance Security Compliance Action
  ☆134Dec 14, 2022Updated 3 years ago
• github-early-access / generate-build-provenance

  View on GitHub
  Publish a signed build provenance from your GitHub Actions workflow
  ☆62May 21, 2024Updated last year
• sigstore / fulcio

  View on GitHub
  Sigstore OIDC PKI
  ☆833Apr 27, 2026Updated last week
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,852Apr 25, 2026Updated last week
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• advanced-security / policy-as-code

  View on GitHub
  GitHub Advanced Security Policy as Code
  ☆99Apr 14, 2026Updated 2 weeks ago
• kubernetes-sigs / tejolote

  View on GitHub
  A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
  ☆73Updated this week
• google / osv-scanner-action

  View on GitHub
  ☆74Updated this week
• jhutchings1 / spdx-to-dependency-graph-action

  View on GitHub
  A GitHub Action that takes SPDX SBOMs and uploads them to GitHub's dependency submission API to power Dependabot alerts
  ☆10Apr 10, 2023Updated 3 years ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆523Apr 27, 2026Updated last week
• peter-murray / github-security-report-action

  View on GitHub
  ☆83Apr 26, 2024Updated 2 years ago
• guacsec / guac

  View on GitHub
  GUAC aggregates software security metadata into a high fidelity graph database.
  ☆1,481Apr 27, 2026Updated last week
• openvex / spec

  View on GitHub
  OpenVEX Specification
  ☆175Jan 16, 2026Updated 3 months ago
• step-security / github-actions-goat

  View on GitHub
  GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
  ☆501Jun 27, 2025Updated 10 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• ossf / wg-securing-software-repos

  View on GitHub
  OpenSSF Working Group on Securing Software Repositories
  ☆127Apr 6, 2026Updated 3 weeks ago
• advanced-security / enterprise-security-team

  View on GitHub
  Manage a uniform team of security managers for every organization in your enterprise
  ☆24Apr 23, 2026Updated last week
• ossf / wg-security-tooling

  View on GitHub
  OpenSSF Security Tooling Working Group
  ☆322Jul 6, 2025Updated 9 months ago
• chainguard-dev / actions

  View on GitHub
  A collection of reusable Github Actions workflows.
  ☆165Updated this week
• sigstore / gitsign

  View on GitHub
  Keyless Git signing using Sigstore
  ☆1,082Updated this week
• snyk / parlay

  View on GitHub
  Enrich SBOMs with data from third party services
  ☆224Apr 9, 2026Updated 3 weeks ago
• sigstore / cosign

  View on GitHub
  Code signing and transparency for containers and binaries
  ☆5,858Apr 27, 2026Updated last week