daniellummis

GitHub Actions Self-Hosted Risk Audit

by Daniel Lummis · GitHub · v1.0.0
cross-platform ✓ Security Clean
266 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw: /install github-actions-self-hosted-risk-audit
Description
Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks.
README (SKILL.md)

GitHub Actions Self-Hosted Risk Audit

Use this skill to flag risky workflow patterns when jobs run on self-hosted GitHub Actions runners.

What this skill does

  • Scans workflow YAML files (.github/workflows/*.y*ml by default)
  • Detects workflows that reference self-hosted runners
  • Flags high-risk triggers (pull_request_target, pull_request, issue_comment) on workflows that run on self-hosted runners
  • Flags broad runner selection (runs-on: self-hosted with no extra routing labels)
  • Flags write-capable permissions in workflows that run on self-hosted runners
  • Flags actions/checkout steps that do not set persist-credentials: false
  • Supports text/json output and a CI fail gate

Inputs

Optional:

  • WORKFLOW_GLOB (default: .github/workflows/*.y*ml)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • WARN_SCORE (default: 4)
  • CRITICAL_SCORE (default: 8)
  • WORKFLOW_FILE_MATCH / WORKFLOW_FILE_EXCLUDE (regex, optional)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Run

Text report:

WORKFLOW_GLOB='.github/workflows/*.yml' \
WARN_SCORE=4 \
CRITICAL_SCORE=8 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

JSON output + fail gate:

WORKFLOW_GLOB='.github/workflows/*.y*ml' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Run against bundled fixtures:

WORKFLOW_GLOB='skills/github-actions-self-hosted-risk-audit/fixtures/*.y*ml' \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Output contract

  • Exit 0 in reporting mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more workflows are critical
  • Text mode prints summary + top flagged workflows
  • JSON mode prints summary + flagged workflows + critical workflows
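As an added example (not the skill's own script, which the page describes as a regex-based Python program embedded in scripts/self-hosted-risk-audit.sh), the following Python reproduces the checks listed under "What this skill does" and the output contract above, run over two constructed workflow files. The weights in WEIGHTS, the two sample workflows, the file names and every function name are assumptions for illustration; only the WARN_SCORE=4 / CRITICAL_SCORE=8 defaults and the exit-code contract come from the page. It uses the standard library only and runs offline.

```python
# Added example, not the skill's own script: a regex-based audit of workflow YAML that scores
# jobs on self-hosted runners and applies the WARN/CRITICAL gate described above.
import json
import re

WEIGHTS = {"pull_request_target": 5, "issue_comment": 4, "pull_request": 4,  # assumed weights;
           "write_permissions": 2, "broad_runner": 2, "checkout_persists_credentials": 2}  # not the skill's
WARN_SCORE, CRITICAL_SCORE = 4, 8  # the skill's documented defaults

def _split_list(val):  # '[a, b]' or 'a' -> ['a', 'b'] / ['a']
    return [v.strip(" '\"") for v in val.strip("[]").split(",") if v.strip()]

def runs_on_labels(text):  # one label list per inline `runs-on:` value (scalar or [a, b] form)
    return [_split_list(v) for v in re.findall(r"^[ \t]*runs-on:[ \t]*(\S.*)$", text, re.M)]

def triggers(text):
    """Top-level event names under `on:` (inline scalar/list, or a nested map/list)."""
    m = re.search(r"^on:[ \t]*(.*)$", text, re.M)
    if m is None:
        return []
    if m.group(1).strip():
        return _split_list(m.group(1))
    block = re.split(r"^\S", text[m.end():], maxsplit=1, flags=re.M)[0]  # up to the next top-level key
    keys = re.findall(r"^([ \t]+)-?[ \t]*([\w-]+)", block, re.M)
    depth = min((len(ind) for ind, _ in keys), default=0)
    return [key for ind, key in keys if len(ind) == depth]

def has_write_permissions(text):  # permissions: write-all, or any `<scope>: write` entry
    return re.search(r"^[ \t]*(permissions:[ \t]*write-all|[\w-]+:[ \t]*write)[ \t]*$", text, re.M) is not None

def unsafe_checkouts(text):  # actions/checkout steps lacking persist-credentials: false in the same step
    steps = re.split(r"^[ \t]*-[ \t]", text, flags=re.M)  # each `- ` opens a new step (or list item)
    return sum(1 for s in steps if re.search(r"uses:[ \t]*actions/checkout@", s)
               and not re.search(r"persist-credentials:[ \t]*false\b", s))

def audit(name, text):
    """Score one workflow; workflows with no self-hosted job score 0."""
    hosted = [ls for ls in runs_on_labels(text) if "self-hosted" in ls]
    findings = []
    if hosted:
        findings += [(f"trigger:{t}", WEIGHTS[t]) for t in triggers(text) if t in WEIGHTS]
        if any(len(ls) == 1 for ls in hosted):  # bare self-hosted, no routing labels
            findings.append(("broad_runner", WEIGHTS["broad_runner"]))
        if has_write_permissions(text):
            findings.append(("write_permissions", WEIGHTS["write_permissions"]))
        if n := unsafe_checkouts(text):
            findings.append((f"checkout_persists_credentials x{n}", n * WEIGHTS["checkout_persists_credentials"]))
    score = sum(w for _, w in findings)
    level = "critical" if score >= CRITICAL_SCORE else "warn" if score >= WARN_SCORE else "ok"
    return {"workflow": name, "score": score, "level": level, "findings": [f for f, _ in findings]}

def report(results, fmt="text", fail_on_critical=False):
    """Render the page's output contract; returns (exit_code, body)."""
    flagged = sorted((r for r in results if r["score"] >= WARN_SCORE), key=lambda r: -r["score"])
    critical = [r["workflow"] for r in flagged if r["level"] == "critical"]
    if fmt == "json":
        body = json.dumps({"scanned": len(results), "flagged": flagged, "critical": critical}, indent=2)
    else:
        body = "\n".join([f"scanned={len(results)} flagged={len(flagged)} critical={len(critical)}"] + [
            f"[{r['level']}] {r['workflow']} score={r['score']}: " + ", ".join(r["findings"]) for r in flagged])
    return (1 if fail_on_critical and critical else 0), body

# Constructed sample workflows (not the skill's fixtures): a "pwn request" shape and a hardened one.
SAMPLES = {
    "pr-risky.yml": """\
on:
  pull_request_target:
    types: [opened, synchronize]
permissions:
  contents: write
jobs:
  test:
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: make test
""",
    "pr-hardened.yml": """\
on:
  push:
    branches: [main]
permissions: read-all
jobs:
  test:
    runs-on: [self-hosted, linux, release-pool]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
""",
}

if __name__ == "__main__":
    code, body = report([audit(n, t) for n, t in SAMPLES.items()], fail_on_critical=True)
    print(body)
    raise SystemExit(code)
```

Run directly, it prints the text report for the two samples: the risky file scores 11 (critical: pull_request_target, bare self-hosted label, contents: write, checkout without persist-credentials: false) and the hardened file scores 0, so with the fail gate on the process exits 1. The risky sample also checks out the PR head SHA under pull_request_target, the line that turns the trigger into untrusted code execution with base-repo credentials on your runner; like the page's check list, the example does not score that line separately. A checkout counts as unsafe only when persist-credentials: false is missing from that same step, so a workflow can pass this check and still be risky on other grounds.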
Usage Guidance
This skill appears safe to run locally: it only reads workflow YAML files and reports risky patterns, and it does not require API tokens or network access. Before installing/running, review or run the included script on a non-sensitive copy of your repo if you have concerns; note that the tool uses regex-based checks (not a full YAML AST), so expect occasional false positives/negatives. Also be cautious if you override WORKFLOW_GLOB to scan arbitrary paths — the script will read any files you point it at.
Capability Analysis
Type: OpenClaw Skill
Name: github-actions-self-hosted-risk-audit
Version: 1.0.0
The skill is a static analysis tool designed to audit GitHub Actions workflows for security risks associated with self-hosted runners. It uses a Python script (embedded in scripts/self-hosted-risk-audit.sh) to scan YAML files for risky configurations such as pull_request_target triggers, broad runner labels, and insecure credential persistence. The implementation includes proper input validation, lacks network or exfiltration capabilities, and operates strictly as a reporting tool without executing the audited content.
Capability Assessment
Purpose & Capability
The name/description match the implementation. The script scans workflow YAML files for self-hosted runner patterns and flags trigger/permission/checkout issues. Required binaries (bash, python3) are appropriate and no unrelated credentials or services are requested.
Instruction Scope
Runtime instructions and the included script operate on local files matched by WORKFLOW_GLOB (default .github/workflows/*.y*ml) and only read those files, apply regex checks, and emit reports. There are no instructions to read unrelated system config, exfiltrate data, or call external endpoints. Note: the tool uses regex-based parsing rather than a YAML parser, so it may be brittle and produce false positives/negatives, but that is a functional (not malicious) limitation.
Install Mechanism
No install spec or external downloads — this is instruction-only plus an included shell script. Nothing is pulled from external URLs or written to system locations by an installer.
Credentials
No required environment variables or credentials. Optional env vars control which files to scan and thresholds; they are configuration-only and proportional to the skill's purpose.
Persistence & Privilege
The skill does not request persistent/global privileges (always:false), does not modify other skills or system-wide configs, and does not store credentials. It runs on demand and can be invoked by the user.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install github-actions-self-hosted-risk-audit
  3. After installation, invoke the skill by name or use /github-actions-self-hosted-risk-audit
  4. Provide inputs per the skill's parameter spec (all inputs are optional and have defaults) and get structured output
Version History
v1.0.0
Initial release of github-actions-self-hosted-risk-audit.
  • Scans GitHub Actions workflows for use of self-hosted runners and flags risky configurations.
  • Detects dangerous triggers, write-capable permissions (privilege escalation risk), overly broad runner selection, and insecure checkout steps.
  • Supports customizable input options including file glob, output format (text/json), scoring thresholds, and CI fail gating.
  • Outputs either a summary report or detailed JSON, and can fail CI on critical findings.
Metadata
Slug github-actions-self-hosted-risk-audit
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is GitHub Actions Self-Hosted Risk Audit?

Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks. It is an AI Agent Skill for Claude Code / OpenClaw, with 266 downloads so far.

How do I install GitHub Actions Self-Hosted Risk Audit?

Run "/install github-actions-self-hosted-risk-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is GitHub Actions Self-Hosted Risk Audit free?

Yes, GitHub Actions Self-Hosted Risk Audit is completely free (open-source). You can download, install and use it at no cost.

Which platforms does GitHub Actions Self-Hosted Risk Audit support?

GitHub Actions Self-Hosted Risk Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created GitHub Actions Self-Hosted Risk Audit?

It is built and maintained by Daniel Lummis (@daniellummis); the current version is v1.0.0.
