daniellummis

GitHub Actions Permission Scope Audit

Author: Daniel Lummis · GitHub ↗ · v1.0.0
cross-platform ✓ security check passed
241 total downloads
0 favorites
0 current installs
1 version
Install in OpenClaw:
/install github-actions-permission-scope-audit
Description
Audit GitHub Actions workflow permission scope drift to enforce least-privilege token access.
Usage (SKILL.md)

GitHub Actions Permission Scope Audit

Use this skill to detect over-broad GITHUB_TOKEN permissions and scope drift across GitHub Actions workflows.

What this skill does

  • Reads workflow YAML files
  • Detects explicit broad permission grants (write-all, contents: write, etc.)
  • Flags risky patterns like pull_request_target workflows with write permissions
  • Identifies workflows with no explicit permissions policy
  • Emits text or JSON for CI triage and policy gates

Inputs

Optional:

  • WORKFLOW_GLOB (default: .github/workflows/*.y*ml)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • WARN_SCORE (default: 2)
  • CRITICAL_SCORE (default: 5)
  • FLAG_MISSING_PERMISSIONS (0 or 1, default: 1)
  • FLAG_WRITE_ALL (0 or 1, default: 1)
  • FLAG_WRITE_SCOPES (0 or 1, default: 1)
  • WORKFLOW_FILE_MATCH / WORKFLOW_FILE_EXCLUDE (regex, optional)
  • EVENT_MATCH / EVENT_EXCLUDE (regex, optional)
  • PERMISSION_MATCH / PERMISSION_EXCLUDE (regex, optional)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Run

Text report:

WORKFLOW_GLOB='.github/workflows/*.yml' \
bash skills/github-actions-permission-scope-audit/scripts/permission-scope-audit.sh

JSON output + fail gate:

WORKFLOW_GLOB='.github/workflows/*.yml' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-permission-scope-audit/scripts/permission-scope-audit.sh

Run against bundled fixtures:

WORKFLOW_GLOB='skills/github-actions-permission-scope-audit/fixtures/*.yml' \
bash skills/github-actions-permission-scope-audit/scripts/permission-scope-audit.sh

Output contract

  • Exit 0 in report mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more workflows are critical
  • Text mode prints summary + ranked workflows
  • JSON mode prints summary + ranked workflows + critical workflows
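To make the behaviour described above concrete, here is an added example of a minimal regex-based auditor in Python (the skill's own script is not shown on this page, so this is illustrative code, not the bundled permission-scope-audit.sh). It honours the documented WORKFLOW_GLOB, OUTPUT_FORMAT, TOP_N, WARN_SCORE, CRITICAL_SCORE and FAIL_ON_CRITICAL inputs; the per-finding weights and the four sample workflows are assumptions constructed for the example, and the regexes share the caveat noted further down the page: they recognise common YAML layouts, not every valid one.

```python
import glob
import json
import os
import re
import sys

# Thresholds: the WARN_SCORE / CRITICAL_SCORE defaults are the ones documented above.
WARN_SCORE = int(os.environ.get("WARN_SCORE", "2"))
CRITICAL_SCORE = int(os.environ.get("CRITICAL_SCORE", "5"))
# Per-finding weights are assumptions for this example, not the skill's own values.
WEIGHT_WRITE_ALL, WEIGHT_WRITE_SCOPE, WEIGHT_PRT_WRITE, WEIGHT_MISSING = 5, 1, 3, 2

ON_RE = re.compile(r"^on:\s*(.*?)\s*$")                     # top-level trigger line
EVENT_KEY_RE = re.compile(r"^\s*-?\s*([A-Za-z_]+):?\s*$")   # "  push:" or "  - push"
PERM_HEADER_RE = re.compile(r"^(\s*)permissions:\s*(.*?)\s*$")
SCOPE_RE = re.compile(r"^\s*([A-Za-z-]+):\s*(read|write|none)\s*$")


def _indent(line):
    return len(line) - len(line.lstrip())


def _block_lines(lines, start, base_indent):
    """Yield non-blank, non-comment lines indented deeper than base_indent after start."""
    for line in lines[start + 1:]:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if _indent(line) <= base_indent:
            break
        yield line


def extract_events(text):
    """Collect trigger names from 'on: x', 'on: [a, b]' or the indented block form."""
    events, lines = set(), text.splitlines()
    for i, line in enumerate(lines):
        m = ON_RE.match(line)
        if not m:
            continue
        if m.group(1):
            events.update(e.strip() for e in m.group(1).strip("[]").split(",") if e.strip())
            continue
        first_indent = None
        for nxt in _block_lines(lines, i, 0):
            if first_indent is None:
                first_indent = _indent(nxt)
            km = EVENT_KEY_RE.match(nxt)
            if km and _indent(nxt) == first_indent:
                events.add(km.group(1))
    return events


def extract_permissions(text):
    """Return (has_policy, write_all, write_scopes) across every permissions: block."""
    has_policy, write_all, write_scopes, lines = False, False, set(), text.splitlines()
    for i, line in enumerate(lines):
        m = PERM_HEADER_RE.match(line)
        if not m:
            continue
        has_policy = True
        inline = m.group(2)
        if inline == "write-all":
            write_all = True
        elif inline.startswith("{"):  # flow mapping such as {contents: write}
            for pair in inline.strip("{}").split(","):
                key, _, value = pair.partition(":")
                if value.strip() == "write":
                    write_scopes.add(key.strip())
        for nxt in _block_lines(lines, i, len(m.group(1))):
            sm = SCOPE_RE.match(nxt)
            if sm and sm.group(2) == "write":
                write_scopes.add(sm.group(1))
    return has_policy, write_all, sorted(write_scopes)


def audit_text(name, text):
    """Score one workflow and classify it as ok / warn / critical."""
    events = extract_events(text)
    has_policy, write_all, write_scopes = extract_permissions(text)
    findings, score = [], 0
    if not has_policy:
        findings.append("no explicit permissions policy")
        score += WEIGHT_MISSING
    if write_all:
        findings.append("permissions: write-all")
        score += WEIGHT_WRITE_ALL
    for scope in write_scopes:
        findings.append(f"{scope}: write")
        score += WEIGHT_WRITE_SCOPE
    # pull_request_target runs with the base repository's token; without an explicit
    # read-only policy that token may be write-capable depending on repository settings.
    if "pull_request_target" in events and (write_all or write_scopes or not has_policy):
        findings.append("pull_request_target with write-capable token")
        score += WEIGHT_PRT_WRITE
    level = "critical" if score >= CRITICAL_SCORE else "warn" if score >= WARN_SCORE else "ok"
    return {"workflow": name, "events": sorted(events), "score": score,
            "level": level, "findings": findings}


def audit_files(pattern):
    results = [audit_text(p, open(p, encoding="utf-8").read()) for p in sorted(glob.glob(pattern))]
    return sorted(results, key=lambda r: -r["score"])


def render(results, fmt="text", top_n=20):
    """Text: summary + ranked workflows. JSON: summary + ranked + critical list."""
    summary = {lvl: sum(r["level"] == lvl for r in results) for lvl in ("critical", "warn", "ok")}
    if fmt == "json":
        return json.dumps({"summary": summary, "workflows": results[:top_n],
                           "critical": [r for r in results if r["level"] == "critical"]}, indent=2)
    out = [f"summary: {summary}"]
    for r in results[:top_n]:
        out.append(f"[{r['level']}] score={r['score']} {r['workflow']}: " + "; ".join(r["findings"]))
    return "\n".join(out)


# Constructed sample workflows (not the skill's bundled fixtures), used when the glob matches nothing.
SAMPLE_WORKFLOWS = {
    "release.yml": "on:\n  push:\n    branches: [main]\npermissions: write-all\njobs:\n  build:\n    runs-on: ubuntu-latest\n",
    "pr-comment.yml": "on: [pull_request_target]\npermissions:\n  contents: read\n  pull-requests: write\njobs:\n  comment:\n    runs-on: ubuntu-latest\n",
    "ci.yml": "on: pull_request\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n",
    "lint.yml": "on:\n  pull_request:\n  workflow_dispatch:\npermissions:\n  contents: read\njobs:\n  lint:\n    runs-on: ubuntu-latest\n",
}

if __name__ == "__main__":
    results = audit_files(os.environ.get("WORKFLOW_GLOB", ".github/workflows/*.y*ml")) or sorted(
        (audit_text(n, t) for n, t in SAMPLE_WORKFLOWS.items()), key=lambda r: -r["score"])
    print(render(results, os.environ.get("OUTPUT_FORMAT", "text"), int(os.environ.get("TOP_N", "20"))))
    if os.environ.get("FAIL_ON_CRITICAL") == "1" and any(r["level"] == "critical" for r in results):
        sys.exit(1)
```

With the sample set, release.yml (write-all) lands at score 5 and is the only critical workflow, pr-comment.yml (pull_request_target plus a write scope) and ci.yml (no policy at all) are warnings, and lint.yml with a read-only policy scores 0. The point worth noticing in the scoring is that a missing policy on a pull_request_target workflow is treated as write-capable rather than as "unknown", which is the conservative reading for a repository whose default token permission has not been locked down.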
Safe usage recommendations
This skill appears to do exactly what it claims: scan your repository's .github/workflows YAML files for broad GITHUB_TOKEN permissions and emit a ranked report. Before installing/running: (1) review the bundled script if you have strict security controls — it parses YAML using regex rather than a YAML parser so it may mis-detect unusual formatting; (2) run it in the repository root (or set WORKFLOW_GLOB) because it only reads files matched by the glob; (3) it requires bash and python3 on PATH; (4) it does not exfiltrate data or require credentials, but avoid running it against untrusted repositories if you don't want the agent to read those repo files. Overall the skill is internally consistent and proportionate for its stated purpose.
Functional analysis
Type: OpenClaw Skill
Name: github-actions-permission-scope-audit
Version: 1.0.0
The skill is a security auditing tool designed to identify over-privileged GitHub Actions workflows by analyzing 'permissions' blocks and 'pull_request_target' triggers. The implementation in 'scripts/permission-scope-audit.sh' uses a transparent Python script to perform local file analysis without any network activity, credential access, or obfuscation, aligning perfectly with its stated purpose.
Capability assessment
Purpose & Capability
Name/description match the shipped script and fixtures. Declared required binaries (bash, python3) are exactly what the SKILL.md and scripts use. No unrelated credentials, config paths, or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to read workflow YAML files, run the bundled shell script, and optionally set environment flags; the script only reads files matched by WORKFLOW_GLOB, extracts events/permission lines via regex, scores findings, and prints text/JSON. It does not send data externally, read unrelated system config, or access secrets.
Install Mechanism
This is an instruction-only skill with no install spec; the only shipped code is a shell script and fixtures. Nothing is downloaded or extracted from external URLs.
Credentials
No required environment variables or credentials are declared; optional ENV inputs are for filtering/reporting and are appropriate for the task. The script does not attempt to read additional env vars or secret files.
Persistence & Privilege
Skill does not request permanent presence (always:false) or modify other skills or system-wide settings. It runs on demand and has no privileged persistence behavior.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install github-actions-permission-scope-audit
  3. Once installed, invoke the skill by name or trigger it with /github-actions-permission-scope-audit
  4. Supply the required inputs according to the skill's parameter description to receive structured output
Version history
v1.0.0
Initial release: detect over-broad token permissions, pull_request_target+write risk, and missing explicit permissions policy with text/json outputs + fail gate.
Metadata
Slug github-actions-permission-scope-audit
Version 1.0.0
License
Cumulative installs 0
Current installs 0
Historical versions 1
FAQ

What is GitHub Actions Permission Scope Audit?

Audit GitHub Actions workflow permission scope drift to enforce least-privilege token access. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 241 cumulative downloads to date.

How do I install GitHub Actions Permission Scope Audit?

Run the command "/install github-actions-permission-scope-audit" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is GitHub Actions Permission Scope Audit free?

Yes, GitHub Actions Permission Scope Audit is completely free (open source) and can be freely downloaded, installed and used.

Which platforms does GitHub Actions Permission Scope Audit support?

GitHub Actions Permission Scope Audit is cross-platform and runs in any environment where OpenClaw / Claude Code is deployed.

Who developed GitHub Actions Permission Scope Audit?

Developed and maintained by Daniel Lummis (@daniellummis); the current version is v1.0.0.
