← 返回 Skills 市场

GitHub Actions Merge Queue Health Audit

Name: GitHub Actions Merge Queue Health Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

258

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-merge-queue-health-audit

功能描述

Audit GitHub merge queue workflow health with failure-rate, queue-latency, and stale-success risk scoring.

使用说明 (SKILL.md)

GitHub Actions Merge Queue Health Audit

Use this skill to catch unhealthy merge_group (or pull-request gate) workflows before queue times and failures block merges.

What this skill does

Reads GitHub Actions run JSON exports
Focuses on merge queue style events (merge_group by default)
Aggregates health by repo/workflow (or repo/workflow/branch)
Scores risk using failure rate, queue latency, and stale-success age
Emits ok / warn / critical with optional CI fail gate

Inputs

Optional:

RUN_GLOB (default: artifacts/github-actions/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
GROUP_BY (repo-workflow or repo-workflow-branch, default: repo-workflow)
NOW_ISO (optional ISO timestamp override for deterministic replay)
EVENTS (comma list, default: merge_group)
WARN_FAILURE_RATE (0..1, default: 0.2)
CRITICAL_FAILURE_RATE (0..1, default: 0.4)
WARN_P95_QUEUE_MINUTES (default: 8)
CRITICAL_P95_QUEUE_MINUTES (default: 20)
WARN_STALE_SUCCESS_HOURS (default: 18)
CRITICAL_STALE_SUCCESS_HOURS (default: 48)
MIN_RUNS (default: 3)
WORKFLOW_MATCH / WORKFLOW_EXCLUDE (regex, optional)
BRANCH_MATCH / BRANCH_EXCLUDE (regex, optional)
REPO_MATCH / REPO_EXCLUDE (regex, optional)
EVENT_MATCH / EVENT_EXCLUDE (regex, optional)
FAIL_ON_CRITICAL (0 or 1, default: 0)

Collect run JSON

gh run view \x3Crun-id> \
  --json databaseId,workflowName,event,headBranch,status,conclusion,createdAt,runStartedAt,updatedAt,url,repository \
  > artifacts/github-actions/run-\x3Crun-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
bash skills/github-actions-merge-queue-health-audit/scripts/merge-queue-health-audit.sh

JSON output + fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-merge-queue-health-audit/scripts/merge-queue-health-audit.sh

Run against bundled fixtures:

NOW_ISO='2026-03-08T00:00:00Z' \
RUN_GLOB='skills/github-actions-merge-queue-health-audit/fixtures/*.json' \
bash skills/github-actions-merge-queue-health-audit/scripts/merge-queue-health-audit.sh

Output contract

Exit 0 in report mode (default)
Exit 1 when FAIL_ON_CRITICAL=1 and one or more groups are critical
Text mode prints summary + ranked risk groups
JSON mode prints summary + ranked groups + critical groups

安全使用建议

This skill appears to do what it claims: parse local GitHub Actions run JSON files and score merge-queue health. Before installing/using it: (1) Note the SKILL.md examples use 'gh run view' to fetch JSONs — the script itself doesn't call 'gh', so install metadata should list 'gh' if you plan to follow that workflow. (2) The script reads whatever files match RUN_GLOB, so ensure that glob points only to exported run JSONs (avoid pointing it at directories with sensitive files). (3) Review the script if you need stricter validation of input JSONs or want it to fetch run data directly (that would require network access and GitHub credentials). (4) Run the provided fixtures first to verify output and behavior (the script supports NOW_ISO and fixtures for reproducible runs).

功能分析

Type: OpenClaw Skill Name: github-actions-merge-queue-health-audit Version: 1.0.0 The skill is a legitimate utility for auditing GitHub Actions merge queue health by analyzing local JSON run exports. The script `scripts/merge-queue-health-audit.sh` processes run data to calculate failure rates, queue latency, and risk scores without any indicators of malicious intent, data exfiltration, or unauthorized execution.

能力评估

ℹ Purpose & Capability

Name/description promise (audit merge-queue health) matches the included script which parses GitHub Actions run JSON and computes failure/latency/stale-success metrics. Required binaries (bash, python3) are reasonable for the shipped script. One mismatch: SKILL.md shows a 'gh run view' command to collect run JSONs, but 'gh' is not listed in required binaries—this is a documentation/metadata inconsistency (the core script itself does not invoke the GitHub CLI).

✓ Instruction Scope

Runtime instructions and the script are narrowly scoped: they read local JSON files (RUN_GLOB), filter/aggregate runs, and produce text or JSON reports and an optional exit code. The instructions do not direct the agent to read arbitrary unrelated system files, nor to send data to external endpoints. The only network action present in docs is the suggested use of 'gh run view' (a user-invoked step to fetch run JSONs); the shipped code itself performs no network I/O.

✓ Install Mechanism

No install spec; this is instruction-only plus a shell script. Nothing is downloaded or written to disk by an installer. Risk from install mechanism is low.

✓ Credentials

The skill declares no required environment variables or credentials and the script only reads variables that control filtering/thresholds and a RUN_GLOB path. Requested environment access is proportionate to the stated auditing task.

✓ Persistence & Privilege

The skill does not request permanent presence (always:false) and does not modify agent/system configuration. It only runs when invoked and uses local data; persistence/privilege concerns are minimal.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-merge-queue-health-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-merge-queue-health-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of github-actions-merge-queue-health-audit. - Audits GitHub Actions merge queue workflows for failure rate, queue latency, and stale-success risks. - Aggregates and scores workflow health by repository and workflow, with flexible grouping and filtering. - Supports text or JSON output, with optional CI fail gate on critical health status. - Allows configuration through environment variables for event types, thresholds, groupings, and includes/excludes. - Provides sample usage commands and output contract details.

元数据

Slug github-actions-merge-queue-health-audit

版本 1.0.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题