← 返回 Skills 市场

GitHub Actions Artifact Budget Audit

Name: GitHub Actions Artifact Budget Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

259

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-artifact-budget-audit

功能描述

Audit GitHub Actions artifact storage usage from JSON exports so bloated artifacts are flagged before they inflate CI cost.

使用说明 (SKILL.md)

GitHub Actions Artifact Budget Audit

Use this skill to detect oversized or stale GitHub Actions artifacts across repositories.

What this skill does

Reads one or more GitHub artifact JSON exports (gh api output)
Calculates artifact size in MB and totals by repository + artifact name
Flags warn/critical artifacts by configurable size thresholds
Highlights soon-to-expire artifact volume to prioritize cleanup
Supports text and JSON output for terminal or dashboards

Inputs

Optional:

ARTIFACT_GLOB (default: artifacts/github-actions-artifacts/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
WARN_MB (default: 250)
CRITICAL_MB (default: 750)
SOON_EXPIRES_DAYS (default: 7)
FAIL_ON_CRITICAL (0 or 1, default: 0)
REPO_MATCH (regex, optional)
REPO_EXCLUDE (regex, optional)
ARTIFACT_MATCH (regex, optional)
ARTIFACT_EXCLUDE (regex, optional)

Collect artifact JSON

Single repository:

gh api repos/\x3Cowner>/\x3Crepo>/actions/artifacts --paginate \
  > artifacts/github-actions-artifacts/\x3Cowner>-\x3Crepo>.json

Combined multi-repo payloads are also supported as long as each file includes an artifacts array.

Run

Text report:

ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' \
WARN_MB=300 \
CRITICAL_MB=900 \
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh

JSON output for automation:

ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh

Filter to one repo and artifact family:

ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' \
REPO_MATCH='^flowcreatebot/' \
ARTIFACT_MATCH='(test-results|coverage)' \
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh

Run with bundled fixtures:

ARTIFACT_GLOB='skills/github-actions-artifact-budget-audit/fixtures/*.json' \
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh

Output contract

Exit 0 in reporting mode (default)
Exit 1 if FAIL_ON_CRITICAL=1 and at least one artifact is at/above CRITICAL_MB
In text mode: prints summary and top oversized artifact groups
In json mode: prints summary, grouped artifact stats, and critical artifact instances

安全使用建议

This skill appears coherent and limited to parsing local GitHub artifact JSON exports and reporting oversized/stale artifacts. Before running: (1) Inspect the bundled script (already provided) yourself or run it in an isolated environment if you have any doubts. (2) If you use the 'gh api' command to collect JSON, that step may require GitHub authentication (use the minimum-scoped token or an authenticated gh session). (3) The script records archive_download_url strings but does not fetch them; do not pass it JSON containing secrets or untrusted data. If you need absolute assurance, run the script on copies of your artifact JSON files inside a disposable container.

功能分析

Type: OpenClaw Skill Name: github-actions-artifact-budget-audit Version: 1.0.0 The skill is a utility for auditing GitHub Actions artifact storage usage by processing JSON data exported from the GitHub API. It uses a Python script (embedded in artifact-budget-audit.sh) to parse local files, calculate artifact sizes, and apply regex filters to identify oversized or expiring artifacts. No evidence of data exfiltration, malicious execution, or prompt injection was found; the script operates entirely on local data provided via the ARTIFACT_GLOB parameter.

能力评估

✓ Purpose & Capability

Name/description, SKILL.md examples, fixtures, and the script all focus on reading local artifact JSON files, grouping by repo/artifact, and reporting size/expiry. Required binaries (bash, python3) are appropriate and nothing unrelated is requested.

✓ Instruction Scope

Runtime instructions only direct the agent/user to gather gh API JSON exports (optional) and run the bundled script with environment flags. The script only reads files, parses JSON, aggregates stats, and prints JSON/text; it does not download artifact archives or call external endpoints.

✓ Install Mechanism

No install spec (instruction-only with a bundled script). No remote downloads or packages are installed by the skill itself.

✓ Credentials

The skill requires no environment variables or credentials. The SKILL.md suggests using 'gh api' to produce JSON exports, which may require GitHub auth when the user runs that step, but the skill itself does not request tokens or access unrelated secrets.

✓ Persistence & Privilege

Flags show normal defaults (not always:true). The skill does not claim or perform any persistent changes to agent/system configuration and requests no elevated privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-artifact-budget-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-artifact-budget-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release: artifact size hotspot audit with thresholds, filters, text/json reports, and fail gate

元数据

Slug github-actions-artifact-budget-audit

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题