Description

Analyze CI/CD pipelines (GitHub Actions, GitLab CI, CircleCI) and suggest optimizations — caching strategies, parallelization, step elimination, Docker layer...

README (SKILL.md)

CI Pipeline Optimizer

Name: Ci Pipeline Optimizer
Author: charlie-morrison

Make CI/CD pipelines faster and cheaper. Analyzes workflow files to find bottlenecks, missing caches, serial steps that can run in parallel, unnecessary work, and oversized Docker builds.

Use when: "CI is too slow", "optimize our pipeline", "reduce build time", "CI costs too much", "speed up GitHub Actions", "pipeline taking 20 minutes", or doing CI/CD maintenance.

Commands

1. `analyze` — Full Pipeline Analysis

Scan all CI configuration files and identify optimization opportunities.

Step 1: Discover Pipeline Config

echo "=== CI Pipeline Discovery ==="

# GitHub Actions
if [ -d ".github/workflows" ]; then
  echo "Platform: GitHub Actions"
  ls -la .github/workflows/*.yml .github/workflows/*.yaml 2>/dev/null
fi

# GitLab CI
[ -f ".gitlab-ci.yml" ] && echo "Platform: GitLab CI"

# CircleCI
[ -f ".circleci/config.yml" ] && echo "Platform: CircleCI"

# Jenkins
[ -f "Jenkinsfile" ] && echo "Platform: Jenkins"

# Bitbucket
[ -f "bitbucket-pipelines.yml" ] && echo "Platform: Bitbucket Pipelines"

# Azure DevOps
[ -f "azure-pipelines.yml" ] && echo "Platform: Azure DevOps"

Step 2: Caching Analysis

echo ""
echo "=== Caching Analysis ==="

# GitHub Actions: check for cache steps
if [ -d ".github/workflows" ]; then
  echo "--- Cache Usage ---"
  rg -n "actions/cache|cache:" .github/workflows/ 2>/dev/null

  # Check if node_modules is cached
  HAS_NODE_CACHE=$(rg -c "node_modules|npm-cache|yarn-cache|pnpm-store" .github/workflows/ 2>/dev/null | awk -F: '{s+=$2} END {print s+0}')
  [ -f "package.json" ] && [ "$HAS_NODE_CACHE" -eq 0 ] && echo "⚠️  MISSING: Node.js dependency cache"

  # Check if pip cache exists
  HAS_PIP_CACHE=$(rg -c "pip-cache\|pip.*cache\|~/.cache/pip" .github/workflows/ 2>/dev/null | awk -F: '{s+=$2} END {print s+0}')
  [ -f "requirements.txt" ] && [ "$HAS_PIP_CACHE" -eq 0 ] && echo "⚠️  MISSING: Python pip cache"

  # Check for Docker layer caching
  HAS_DOCKER_CACHE=$(rg -c "docker/build-push-action.*cache|buildx.*cache|docker-layer-caching" .github/workflows/ 2>/dev/null | awk -F: '{s+=$2} END {print s+0}')
  HAS_DOCKER=$(rg -c "docker build\|docker-compose\|docker/build-push" .github/workflows/ 2>/dev/null | awk -F: '{s+=$2} END {print s+0}')
  [ "$HAS_DOCKER" -gt 0 ] && [ "$HAS_DOCKER_CACHE" -eq 0 ] && echo "⚠️  MISSING: Docker layer cache"

  # Check for build output caching (turbo, nx)
  [ -f "turbo.json" ] && ! rg -q "turborepo-cache\|turbo.*cache" .github/workflows/ 2>/dev/null && echo "⚠️  MISSING: Turborepo remote cache"
fi

# GitLab CI
if [ -f ".gitlab-ci.yml" ]; then
  rg -n "cache:" .gitlab-ci.yml 2>/dev/null
  HAS_CACHE=$(rg -c "cache:" .gitlab-ci.yml 2>/dev/null || echo "0")
  [ "$HAS_CACHE" -eq 0 ] && echo "⚠️  No cache configuration in .gitlab-ci.yml"
fi

Step 3: Parallelization Analysis

echo ""
echo "=== Parallelization Opportunities ==="

if [ -d ".github/workflows" ]; then
  # Find workflows with sequential jobs that could be parallel
  for wf in .github/workflows/*.yml .github/workflows/*.yaml; do
    [ -f "$wf" ] || continue
    echo "--- $(basename $wf) ---"

    # Check for needs: (job dependencies)
    JOBS=$(rg -c "^\s{2}\w+:" "$wf" 2>/dev/null || echo "0")
    NEEDS=$(rg -c "needs:" "$wf" 2>/dev/null || echo "0")

    echo "  Jobs: $JOBS, Dependencies (needs): $NEEDS"

    if [ "$JOBS" -gt 1 ] && [ "$NEEDS" -eq 0 ]; then
      echo "  ✅ Jobs run in parallel (no dependencies)"
    elif [ "$NEEDS" -gt 0 ]; then
      echo "  Check if some 'needs' can be removed for parallel execution:"
      rg -n "needs:" "$wf" 2>/dev/null | head -5
    fi

    # Check for matrix strategy
    HAS_MATRIX=$(rg -c "matrix:" "$wf" 2>/dev/null || echo "0")
    [ "$HAS_MATRIX" -gt 0 ] && echo "  ✅ Uses matrix strategy"

    # Check for steps that could be split into parallel jobs
    STEPS=$(rg -c "^\s*- (name|run|uses):" "$wf" 2>/dev/null || echo "0")
    [ "$STEPS" -gt 15 ] && echo "  ⚠️  $STEPS steps in a single job — consider splitting into parallel jobs"
  done
fi

Step 4: Unnecessary Work Detection

echo ""
echo "=== Unnecessary Work ==="

if [ -d ".github/workflows" ]; then
  for wf in .github/workflows/*.yml .github/workflows/*.yaml; do
    [ -f "$wf" ] || continue

    # Check for path filters (run only on relevant changes)
    HAS_PATHS=$(rg -c "paths:" "$wf" 2>/dev/null || echo "0")
    [ "$HAS_PATHS" -eq 0 ] && echo "⚠️  $(basename $wf): No path filters — runs on ALL file changes"

    # Check for conditional execution
    HAS_IF=$(rg -c "if:" "$wf" 2>/dev/null || echo "0")
    echo "  $(basename $wf): $HAS_IF conditional steps"

    # Full checkout vs shallow
    FULL_CHECKOUT=$(rg -c "fetch-depth: 0" "$wf" 2>/dev/null || echo "0")
    [ "$FULL_CHECKOUT" -gt 0 ] && echo "  ⚠️  Full git history checkout (fetch-depth: 0) — needed?"

    # Multiple npm install steps
    NPM_INSTALLS=$(rg -c "npm install\|npm ci\|yarn install\|pnpm install" "$wf" 2>/dev/null || echo "0")
    [ "$NPM_INSTALLS" -gt 1 ] && echo "  ⚠️  $NPM_INSTALLS separate install steps — consolidate or cache"
  done
fi

Step 5: Docker Optimization

echo ""
echo "=== Docker Build Optimization ==="

find . -name "Dockerfile" -not -path '*/node_modules/*' 2>/dev/null | while read df; do
  echo "--- $df ---"
  LINES=$(wc -l \x3C "$df")
  echo "  Lines: $LINES"

  # Multi-stage build?
  STAGES=$(grep -c "^FROM " "$df")
  [ "$STAGES" -gt 1 ] && echo "  ✅ Multi-stage build ($STAGES stages)" || echo "  ⚠️  Single-stage build — add multi-stage to reduce image size"

  # COPY before package install (cache-busting)
  COPY_ALL=$(grep -n "COPY \. \.\|COPY \.\/ " "$df" | head -1 | cut -d: -f1)
  RUN_INSTALL=$(grep -n "npm install\|npm ci\|pip install\|go build" "$df" | head -1 | cut -d: -f1)
  if [ -n "$COPY_ALL" ] && [ -n "$RUN_INSTALL" ] && [ "$COPY_ALL" -lt "$RUN_INSTALL" ]; then
    echo "  ⚠️  COPY . before install — busts Docker cache on every file change"
    echo "     Fix: COPY package*.json first, then install, then COPY rest"
  fi

  # .dockerignore exists?
  DIR=$(dirname "$df")
  [ -f "$DIR/.dockerignore" ] || [ -f ".dockerignore" ] || echo "  ⚠️  No .dockerignore — sending unnecessary files to Docker daemon"

  # Large base image
  BASE=$(grep "^FROM " "$df" | tail -1 | awk '{print $2}')
  echo "$BASE" | grep -qE "^(ubuntu|debian|centos|node:|python:)" && \
    ! echo "$BASE" | grep -qE "(slim|alpine|distroless)" && \
    echo "  ⚠️  Large base image ($BASE) — consider slim/alpine/distroless variant"
done

2. `cache` — Caching Recommendations

Generate specific caching configuration for the project:

# For GitHub Actions + Node.js
- uses: actions/cache@v4
  with:
    path: |
      ~/.npm
      node_modules
    key: node-${{ hashFiles('**/package-lock.json') }}
    restore-keys: node-

Recommendations per ecosystem:

Node.js: Cache node_modules or ~/.npm keyed on lockfile hash
Python: Cache ~/.cache/pip keyed on requirements.txt hash
Go: Cache ~/go/pkg/mod keyed on go.sum hash
Rust: Cache ~/.cargo and target/ keyed on Cargo.lock
Docker: Use BuildKit cache mount or docker/build-push-action cache

3. `timeline` — Build Timeline Visualization

Parse CI logs or config to estimate job duration:

Pipeline: build-and-test.yml
Total estimated time: ~12 min (serial) → ~6 min (optimized)

[lint]        ████░░░░░░░░  2 min
[test]        ██████████░░  5 min  (needs: lint)
[build]       ████████░░░░  4 min  (needs: lint)
[deploy]      ██░░░░░░░░░░  1 min  (needs: test, build)

Optimization: run [test] and [build] in parallel → save 4 min

4. `suggest` — Generate Optimized Pipeline

Produce a rewritten pipeline with all optimizations applied:

Added caches
Parallelized independent jobs
Path filters added
Docker build optimized
Conditional execution for skip-on-docs-only changes

Output Formats

text (default): Human-readable analysis with suggestions
json: {platform, workflows: [{name, jobs, steps, caches, issues: []}], optimizations: [], estimated_savings: ""}
markdown: Report for PRs or wiki documentation
yaml: Ready-to-use optimized workflow configuration

Notes

Supports GitHub Actions, GitLab CI, CircleCI, and Jenkinsfile analysis
Does not access CI logs or run history — analyzes config files statically
Time estimates are heuristic (based on common operation durations)
Caching recommendations are framework-aware and use current best practices
Docker optimization checks apply to all Dockerfiles in the project
For monorepos, suggests path-filtered triggers and affected-only testing

Usage Guidance

This skill looks coherent for analyzing CI configs, but take these precautions before installing: - Confirm the full SKILL.md: your provided file was truncated; review the remainder to ensure there are no network calls, uploads, file writes/deletes, or commands that invoke remote scripts. - Tooling assumption: the script uses 'rg' (ripgrep) and standard Unix tools (grep, awk, find, wc). The registry metadata did not declare required binaries. Either ensure the agent environment has these tools or ask the publisher to declare them explicitly. - Data exposure: when invoked the skill will read repository files (workflows, Dockerfiles, package.json, requirements.txt, etc.). Do not run it against repos that contain sensitive secrets unless you trust the agent and environment. - Autonomous invocation: the skill can be invoked autonomously by the agent (default behavior). That is normal, but avoid granting this skill unattended access to repositories with secrets unless you trust it — combine with ACLs or manual approval if available. If you want higher assurance, ask the publisher for the complete SKILL.md and for an explicit list of required binaries; or run the skill in a sandboxed environment first and inspect the output to confirm it performs only the expected read-only checks.

Capability Analysis

Type: OpenClaw Skill Name: ci-pipeline-optimizer Version: 1.0.0 The skill is a static analysis tool designed to identify optimization opportunities in CI/CD pipelines (GitHub Actions, GitLab, etc.) and Dockerfiles. It uses standard shell utilities like `grep`, `rg`, `find`, and `awk` to inspect configuration files for caching strategies and parallelization. No evidence of data exfiltration, unauthorized network access, or malicious intent was found in SKILL.md or the associated scripts.

Capability Assessment

ℹ Purpose & Capability

The skill's name/description (CI pipeline analysis and optimization) aligns with the actions described in SKILL.md (scanning workflow files, Dockerfiles, package manifests, etc.). However the runtime instructions rely on external CLI tools (notably 'rg' / ripgrep, plus common shells tools like grep/awk/find/wc) while the registry metadata lists no required binaries. The missing declaration of 'rg' is an incoherence (the tool is expected by the instructions but not declared).

✓ Instruction Scope

The SKILL.md instructions stay within the declared purpose: they discover CI config files and inspect repository artifacts (workflows, Dockerfiles, package.json, requirements.txt, turbo.json). They read repository files and run local text-searching commands but do not (in the visible portion) perform network calls, write files, or reference environment variables beyond the repository — all of which is proportionate to a pipeline auditor. Note: the provided SKILL.md is truncated in your listing; the remainder could change this assessment if it contains network exfiltration or write/delete commands.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files. That is the lowest-risk install mechanism (no downloads or archives).

✓ Credentials

The skill declares no required environment variables, credentials, or config paths and the instructions do not reference secrets or credentials in the visible content. This is proportionate for a repository-scanning utility.

✓ Persistence & Privilege

always:false and no install actions or self-modifying behavior are present. The skill requires only on-demand invocation; it does not request permanent presence or elevated system privileges in the visible content.

Version History

v1.0.0

Initial release — a tool for analyzing and optimizing CI/CD pipelines. - Provides analysis for GitHub Actions, GitLab CI, and CircleCI workflows. - Identifies caching gaps, parallelization opportunities, unnecessary work, and Docker optimization issues. - Offers commands for: full pipeline analysis, caching recommendations, build timeline visualization, and pipeline suggestions. - Focuses on reducing build times and CI/CD costs through actionable insights.

Metadata

Slug ci-pipeline-optimizer

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Ci Pipeline Optimizer?

Analyze CI/CD pipelines (GitHub Actions, GitLab CI, CircleCI) and suggest optimizations — caching strategies, parallelization, step elimination, Docker layer... It is an AI Agent Skill for Claude Code / OpenClaw, with 40 downloads so far.

How do I install Ci Pipeline Optimizer?

Run "/install ci-pipeline-optimizer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Ci Pipeline Optimizer free?

Yes, Ci Pipeline Optimizer is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Ci Pipeline Optimizer support?

Ci Pipeline Optimizer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Ci Pipeline Optimizer?

It is built and maintained by charlie-morrison (@charlie-morrison); the current version is v1.0.0.

More Skills

Ci Pipeline Optimizer