← 返回 Skills 市场

GitHub Actions Failure Phase Audit

Name: GitHub Actions Failure Phase Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

262

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-failure-phase-audit

功能描述

Group GitHub Actions failures by pipeline phase (setup/build/test/lint/deploy/security) with minute impact to prioritize fixes.

使用说明 (SKILL.md)

GitHub Actions Failure Phase Audit

Use this skill to identify which CI/CD phase is burning the most minutes when jobs fail.

What this skill does

Reads one or more GitHub Actions run JSON exports (gh run view --json ...)
Detects the first non-success step per failed/cancelled/timed-out job
Maps failures to phases: setup, build, test, lint, deploy, security, other
Aggregates failures by repo + workflow + phase + failed step
Ranks hotspots by impacted minutes and failure count

Inputs

Optional:

RUN_GLOB (default: artifacts/github-actions/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
WARN_MINUTES (default: 20)
CRITICAL_MINUTES (default: 45)
FAIL_ON_CRITICAL (0 or 1, default: 0)
WORKFLOW_MATCH, WORKFLOW_EXCLUDE (regex, optional)
REPO_MATCH, REPO_EXCLUDE (regex, optional)
BRANCH_MATCH, BRANCH_EXCLUDE (regex, optional)
PHASE_MATCH, PHASE_EXCLUDE (regex, optional)

Collect run JSON

gh run view \x3Crun-id> --json databaseId,workflowName,headBranch,headSha,url,repository,jobs \
  > artifacts/github-actions/run-\x3Crun-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
WARN_MINUTES=15 \
CRITICAL_MINUTES=35 \
bash skills/github-actions-failure-phase-audit/scripts/failure-phase-audit.sh

JSON output + fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-failure-phase-audit/scripts/failure-phase-audit.sh

Phase filtered report:

RUN_GLOB='artifacts/github-actions/*.json' \
PHASE_MATCH='^(test|deploy)$' \
bash skills/github-actions-failure-phase-audit/scripts/failure-phase-audit.sh

Run with bundled fixtures:

RUN_GLOB='skills/github-actions-failure-phase-audit/fixtures/*.json' \
bash skills/github-actions-failure-phase-audit/scripts/failure-phase-audit.sh

Output contract

Exit 0 in reporting mode
Exit 1 when FAIL_ON_CRITICAL=1 and critical hotspots exist
Text output includes totals and ranked phase hotspots
JSON output includes summary, hotspots, and critical_hotspots

安全使用建议

This skill appears to do exactly what it says: aggregate failures from GitHub Actions run JSON files. Before installing/using it: 1) Be aware you (or an automation) must export run JSONs (the SKILL.md shows using 'gh run view'), and running 'gh' will use your local GitHub credentials — the skill itself does not request or transmit those. 2) The SKILL.md mentions the 'gh' CLI but the skill metadata does not list it as a required binary; ensure 'gh' is available and authenticated if you plan to use the export commands. 3) The script reads any files matched by RUN_GLOB — point that to a trusted directory (or use the bundled fixtures) to avoid accidentally scanning unrelated JSON. 4) The script can exit non-zero when FAIL_ON_CRITICAL=1 and critical hotspots exist; test with OUTPUT_FORMAT=json and the fixtures first to confirm behavior. 5) If you need stricter isolation, export the run JSONs separately and review them before running the script. Overall there are no red flags for credential exfiltration or unexpected network activity in the shipped code.

功能分析

Type: OpenClaw Skill Name: github-actions-failure-phase-audit Version: 1.0.0 The skill is a utility for auditing GitHub Actions failures by processing JSON exports from the GitHub CLI (`gh`). It uses a Python script embedded in a shell script (`scripts/failure-phase-audit.sh`) to aggregate failure data, categorize them into phases (e.g., build, test, deploy), and calculate time impact. The code is transparent, lacks suspicious network or file access, and contains no indicators of malicious intent, data exfiltration, or prompt injection attacks.

能力评估

ℹ Purpose & Capability

The skill's name/description match what the script does: it scans GitHub Actions run JSON exports and groups failures by phase. Required binaries (bash, python3) are appropriate for the shipped script. One inconsistency: SKILL.md shows using the 'gh' CLI to export run JSONs, but 'gh' is not listed in the declared required binaries — the skill itself does not invoke 'gh' (it processes files), but users will typically run 'gh run view' to produce the inputs.

ℹ Instruction Scope

The SKILL.md and script limit their actions to reading local JSON files (RUN_GLOB) and producing a text/JSON report and exit code. The instructions do tell the user how to call 'gh run view' to create input files; apart from that, the runtime logic only reads and aggregates data from those files and respects explicit environment filter variables. The only scope surprise is the implicit reliance on the user running 'gh' (which accesses GitHub) to produce inputs; the skill itself does not contact external endpoints.

✓ Install Mechanism

This is an instruction-only skill with one included script and no install spec. Nothing is downloaded or written to system locations beyond the script present in the skill bundle. Risk from installation is low.

ℹ Credentials

The skill does not request any credentials or secret environment variables. It accepts a reasonable set of optional env inputs (RUN_GLOB, filters, thresholds). Note: producing the JSON inputs commonly involves using the 'gh' CLI, which uses the user's GitHub credentials outside of this skill — that credential use is not requested or managed by the skill itself.

✓ Persistence & Privilege

The skill does not request or modify agent/global config, does not require always:true, and does not persist credentials. It runs on demand and only processes files matched by the provided glob.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-failure-phase-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-failure-phase-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of github-actions-failure-phase-audit. - Groups GitHub Actions CI/CD failures by pipeline phase (setup, build, test, lint, deploy, security, other) to highlight high-impact areas. - Ranks failure hotspots by total minutes wasted and failure count, helping prioritize fixes. - Supports flexible filters by repo, branch, workflow, or phase using regex. - Generate human-readable or JSON reports; includes thresholds for warning/critical impact and optional fail gating. - Simple integration: analyze exported GitHub Actions run JSONs with a single script.

元数据

Slug github-actions-failure-phase-audit

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题