← 返回 Skills 市场

GitHub Actions Recovery Latency Audit

Name: GitHub Actions Recovery Latency Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

263

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-recovery-latency-audit

功能描述

Measure GitHub Actions failure recovery latency and unresolved incident age by workflow group.

使用说明 (SKILL.md)

GitHub Actions Recovery Latency Audit

Use this skill to measure how quickly workflows recover after failing, and to detect groups that remain red for too long.

What this skill does

Reads GitHub Actions run JSON exports
Groups by repository + workflow + branch + event
Builds failure incidents (first failing run until next success)
Reports recovery latency for closed incidents
Reports unresolved incident count + oldest unresolved age
Scores severity (ok, warn, critical) for triage and CI gates

Inputs

Optional:

RUN_GLOB (default: artifacts/github-actions/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
MIN_RUNS (default: 4)
WARN_P95_HOURS (default: 6)
CRITICAL_P95_HOURS (default: 18)
WARN_OPEN_HOURS (default: 12)
CRITICAL_OPEN_HOURS (default: 36)
WARN_OPEN_INCIDENTS (default: 1)
CRITICAL_OPEN_INCIDENTS (default: 2)
NOW_ISO (optional fixed clock for deterministic tests)
WORKFLOW_MATCH / WORKFLOW_EXCLUDE (regex)
BRANCH_MATCH / BRANCH_EXCLUDE (regex)
EVENT_MATCH / EVENT_EXCLUDE (regex)
REPO_MATCH / REPO_EXCLUDE (regex)
FAIL_ON_CRITICAL (0 or 1, default: 0)

Collect run JSON

gh run view \x3Crun-id> --json databaseId,workflowName,event,conclusion,headBranch,createdAt,url,repository \
  > artifacts/github-actions/run-\x3Crun-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
TOP_N=15 \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh

JSON + fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh

Run against bundled fixtures:

RUN_GLOB='skills/github-actions-recovery-latency-audit/fixtures/*.json' \
NOW_ISO='2026-03-07T14:00:00Z' \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh

Output contract

Exit 0 in report mode (default)
Exit 1 when FAIL_ON_CRITICAL=1 and one or more groups are critical
Text mode prints summary + ranked recovery-risk groups
JSON mode prints summary + ranked groups + critical groups

安全使用建议

This script is straightforward and appears safe: it analyzes local GitHub Actions run JSON files and emits a report. Before running: (1) confirm RUN_GLOB points only to the intended artifacts directory so you don't accidentally scan unrelated JSON files; (2) if you want to collect run JSON with the GitHub CLI, you will need gh and an authenticated session (the skill itself does not request or manage credentials); (3) run against the included fixtures first (RUN_GLOB=skills/.../fixtures/*.json) to verify output; (4) inspect any real artifacts you feed it for sensitive data before uploading or sharing results.

功能分析

Type: OpenClaw Skill Name: github-actions-recovery-latency-audit Version: 1.0.0 The skill bundle is a legitimate utility for auditing GitHub Actions workflow recovery latency. It processes JSON run data (provided via a user-defined glob) using a Python script embedded in a shell wrapper (scripts/recovery-latency-audit.sh). The logic focuses on calculating failure incident durations and reporting severity based on configurable thresholds, with no evidence of data exfiltration, malicious execution, or prompt injection.

能力评估

ℹ Purpose & Capability

The name/description match the implementation: the script parses exported GitHub Actions run JSON files and computes incident/recovery metrics. One minor mismatch: SKILL.md shows using the GitHub CLI (gh run view ...) to collect run JSON, but the declared required binaries list only bash and python3 (gh is not listed). The script itself operates purely on local JSON files and does not invoke gh.

✓ Instruction Scope

Runtime instructions and the script stay within scope: they read local JSON files matched by RUN_GLOB, apply filters, compute incidents and scores, and print or emit JSON/text reports. There are no steps that read unrelated system files, exfiltrate data, or call external endpoints from the script.

✓ Install Mechanism

No install spec; this is effectively an instruction + script bundle. Nothing in the package downloads or writes external binaries. Risk from installation is low.

✓ Credentials

The skill declares no required environment secrets and uses only optional environment variables for configuration (glob, thresholds, filters, NOW_ISO). No credentials or config paths are requested. Note: if the user follows SKILL.md's 'gh run view' collection step, that operation uses the user's gh/ GitHub credentials — that is a user action outside the skill.

✓ Persistence & Privilege

always is false and the skill does not request persistent presence or modify other skills or system configuration. It runs on-demand and only reads local files.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-recovery-latency-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-recovery-latency-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of github-actions-recovery-latency-audit. - Measures recovery latency for failed GitHub Actions workflows by group. - Reports unresolved incidents and their ages. - Supports filtering by workflow, branch, event, and repository. - Provides summary and detailed ranking in text or JSON format. - Optional severity-based CI fail gate with configurable thresholds.

元数据

Slug github-actions-recovery-latency-audit

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题