
GitHub Actions Commit Health Audit

Author: Daniel Lummis · GitHub ↗ · v1.0.0
cross-platform ✓ Security check passed
251 total downloads · 0 favorites · 0 current installs · 1 version
Install in OpenClaw
/install github-actions-commit-health-audit
Description
Audit GitHub Actions reliability by commit SHA to surface risky commits causing repeated workflow failures across branches.
Usage instructions (SKILL.md)

GitHub Actions Commit Health Audit

Use this skill to find commits that repeatedly fail CI so teams can prioritize rollback, revert, or targeted fixes.

What this skill does

  • Reads GitHub Actions run JSON exports
  • Groups runs by repository + commit SHA
  • Scores commit risk using failure rate, failed-run volume, and workflow spread
  • Flags warning/critical commit hotspots
  • Emits text or JSON output for CI checks and triage dashboards

Inputs

Optional:

  • RUN_GLOB (default: artifacts/github-actions/*.json)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • MIN_RUNS (default: 2)
  • BRANCH_MATCH (regex, optional)
  • BRANCH_EXCLUDE (regex, optional)
  • WORKFLOW_MATCH (regex, optional)
  • WORKFLOW_EXCLUDE (regex, optional)
  • REPO_MATCH (regex, optional)
  • REPO_EXCLUDE (regex, optional)
  • SHA_MATCH (regex, optional)
  • SHA_EXCLUDE (regex, optional)
  • FAIL_WARN_PERCENT (default: 25)
  • FAIL_CRITICAL_PERCENT (default: 50)
  • WARN_SCORE (default: 35)
  • CRITICAL_SCORE (default: 60)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Collect run JSON

gh run view <run-id> --json databaseId,workflowName,event,conclusion,headBranch,headSha,createdAt,updatedAt,startedAt,url,repository \
  > artifacts/github-actions/run-<run-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
MIN_RUNS=3 \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

JSON output with fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

Run with bundled fixtures:

RUN_GLOB='skills/github-actions-commit-health-audit/fixtures/*.json' \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

Output contract

  • Exit 0 in report mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more commits are critical
  • Text mode prints summary + ranked commit-risk groups
  • JSON mode prints summary + scored groups + critical commit details
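
The grouping, threshold and exit-code behaviour described above, as an added Python sketch (not the skill's own script). It grades groups on failure percent only, because the page does not give the formula behind WARN_SCORE and CRITICAL_SCORE. The set of failed conclusions, the shape of the repository field and the sample runs are assumptions constructed for illustration.

```python
import json
from collections import defaultdict
MIN_RUNS, FAIL_WARN_PERCENT, FAIL_CRITICAL_PERCENT = 2, 25, 50  # page defaults
FAILED = {"failure", "timed_out", "startup_failure"}  # assumption: failed conclusions

def load_runs(documents):
    """Parse (name, text) pairs; skip bad input, recording only the file name."""
    runs, skipped = [], []
    for name, text in documents:
        try:
            run = json.loads(text)
        except json.JSONDecodeError:
            run = None  # never echo the content of a non-JSON file
        if isinstance(run, dict) and run.get("headSha"):
            runs.append(run)
        else:
            skipped.append(name)
    return runs, skipped

def audit(runs):
    """Group by (repository, headSha) and grade each group by failure percent."""
    groups = defaultdict(list)
    for run in runs:
        repo = run.get("repository")  # assumption: a string, or an object with nameWithOwner
        repo = repo.get("nameWithOwner") if isinstance(repo, dict) else repo
        groups[(repo or "unknown", run["headSha"])].append(run)
    report = []
    for (repo, sha), items in groups.items():
        if len(items) < MIN_RUNS:
            continue  # too few runs to say anything about this commit
        failed = [r for r in items if r.get("conclusion") in FAILED]
        pct = 100.0 * len(failed) / len(items)
        level = ("critical" if pct >= FAIL_CRITICAL_PERCENT
                 else "warning" if pct >= FAIL_WARN_PERCENT else "ok")
        report.append({"repository": repo, "sha": sha, "runs": len(items),
                       "fail_percent": round(pct, 1), "level": level,
                       "failed_workflows": len({r.get("workflowName") for r in failed})})
    return sorted(report, key=lambda g: -g["fail_percent"])

def exit_code(report, fail_on_critical=False):
    return int(fail_on_critical and any(g["level"] == "critical" for g in report))

ROWS = [("aaa111", "build", "failure"), ("aaa111", "test", "failure"), ("aaa111", "lint", "success"),
        ("bbb222", "build", "success"), ("bbb222", "test", "success"), ("ccc333", "build", "failure")]
SAMPLE = [(f"run-{i}.json", json.dumps({"repository": "example/app", "headSha": s,
           "workflowName": w, "conclusion": c})) for i, (s, w, c) in enumerate(ROWS, 1)]
SAMPLE.append(("notes.txt", "token=not-json"))  # constructed non-JSON file in the glob
RUNS, SKIPPED = load_runs(SAMPLE)  # all sample data above is constructed
REPORT = audit(RUNS)
```

The commit with a single run is dropped by MIN_RUNS, and the non-JSON file shows up only by name in the skipped list.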
Security usage recommendations
This skill appears to do what it says: analyze local GitHub Actions run JSON exports and report risky commits. Before installing/using it:
  1. Note SKILL.md shows using the GitHub CLI ('gh run view') to collect run JSONs. Ensure you have 'gh' available if you want to use that collection step (the script itself does not invoke 'gh').
  2. Run the bundled fixtures first (RUN_GLOB pointing at skills/.../fixtures/*.json) to verify output and behavior.
  3. Inspect the full script if you have strict policies (the included code runs locally and the visible parts do not perform network calls or read secrets).
  4. Ensure artifacts you point RUN_GLOB at do not contain sensitive tokens or secrets, and run the script in an environment you control.
  5. If you need automated collection of run JSONs, prefer running 'gh' manually or via CI with minimal-scoped tokens rather than giving broad credentials to external tools.
Functional analysis
Type: OpenClaw Skill
Name: github-actions-commit-health-audit
Version: 1.0.0
The skill is a legitimate utility for auditing GitHub Actions CI/CD health by analyzing JSON run exports. It processes local files specified by a glob pattern, aggregates failure statistics, and generates reports. The code (scripts/commit-health-audit.sh) uses safe practices for executing the embedded Python logic, including proper argument handling and error catching during JSON parsing, which prevents accidental data leakage from non-JSON files. No indicators of data exfiltration, malicious execution, or prompt injection were found.
Capability assessment
Purpose & Capability
The name/description match the implementation: the script reads run JSON files, aggregates by repository+SHA, computes failure rates and a heuristic score, and emits text/JSON reports. Required binaries (bash, python3) are appropriate for the bundled shell + python implementation. Minor note: the SKILL.md shows an example using the 'gh' CLI to produce run JSON exports, but 'gh' is not declared in the required binaries list; this is an omission in metadata but does not imply malicious behavior.
Instruction Scope
Runtime instructions and the script operate on local JSON files (RUN_GLOB) and environment inputs documented in SKILL.md. The code parses only the provided JSON artifacts, applies regex filters, and computes scores. It does not reference unexpected system paths or other environment variables beyond those documented. The SKILL.md does suggest using 'gh run view' to collect artifacts (a separate step) — that command would be executed by the user outside the skill if they follow the guide.
Install Mechanism
There is no install spec (instruction-only with a shipped script), so nothing is downloaded or written to disk by an installer. The script is included in the bundle; runtime execution will only run local code using bash/python3.
Credentials
The skill declares no required environment variables or credentials and the script only uses the documented optional env inputs (RUN_GLOB, TOP_N, OUTPUT_FORMAT, etc.). There is no request for unrelated secrets or configuration.
Persistence & Privilege
The skill does not request permanent or elevated privileges (always is false). It does not modify other skills or system-wide configuration in the provided files; it simply reads local artifact JSON files and writes reports/exit codes as expected.
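How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install github-actions-commit-health-audit
  3. Once installed, invoke the Skill by name or trigger it with /github-actions-commit-health-audit
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history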
v1.0.0
Initial release – Audits GitHub Actions by commit to identify and score risky commits:
  • Reads exported GitHub Actions run JSON and groups by repository + commit SHA
  • Scores and flags commits with high failure rates, volumes, and workflow spread
  • Provides configurable output (text or JSON), filtering, and thresholds
  • Supports optional fail-gate for CI blocking on critical commit risks
  • Outputs commit health summaries for CI checks and triage dashboards
Metadata
Slug github-actions-commit-health-audit
Version 1.0.0
License
Total installs 0
Current installs 0
Historical versions 1
FAQ

What is GitHub Actions Commit Health Audit?

Audit GitHub Actions reliability by commit SHA to surface risky commits causing repeated workflow failures across branches. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 251 total downloads so far.

How do I install GitHub Actions Commit Health Audit?

Run the command "/install github-actions-commit-health-audit" in the OpenClaw or Claude Code chat box for one-step installation; no additional configuration is needed.

Is GitHub Actions Commit Health Audit free?

Yes, GitHub Actions Commit Health Audit is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does GitHub Actions Commit Health Audit support?

GitHub Actions Commit Health Audit runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed GitHub Actions Commit Health Audit?

Developed and maintained by Daniel Lummis (@daniellummis); the current version is v1.0.0.
