← 返回 Skills 市场

GitHub Actions Runtime Regression Audit

Name: GitHub Actions Runtime Regression Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

258

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-runtime-regression-audit

功能描述

Compare baseline vs current GitHub Actions run exports to catch workflow/job runtime regressions before CI costs and lead time spike.

使用说明 (SKILL.md)

GitHub Actions Runtime Regression Audit

Use this skill to detect runtime regressions between historical baseline runs and current runs.

What this skill does

Reads baseline and current GitHub Actions run JSON exports (gh run view --json ...)
Calculates average and p95 runtime per repository + workflow + job
Compares current metrics against baseline and ranks largest regressions
Flags warn/critical regressions by absolute seconds and percent delta
Emits text summary for humans or JSON for automation

Inputs

Required:

BASELINE_GLOB (glob for baseline run JSON files)
CURRENT_GLOB (glob for current run JSON files)

Optional:

TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
WARN_DELTA_SECONDS (default: 30)
CRITICAL_DELTA_SECONDS (default: 90)
WARN_DELTA_PERCENT (default: 15)
CRITICAL_DELTA_PERCENT (default: 35)
FAIL_ON_CRITICAL (0 or 1, default: 0)
WORKFLOW_MATCH (regex, optional)
WORKFLOW_EXCLUDE (regex, optional)
JOB_MATCH (regex, optional)
JOB_EXCLUDE (regex, optional)
REPO_MATCH (regex, optional)
REPO_EXCLUDE (regex, optional)

Collect run JSON

gh run view \x3Crun-id> --json databaseId,workflowName,headBranch,headSha,url,repository,jobs \
  > artifacts/github-actions/run-\x3Crun-id>.json

Capture a stable baseline window (for example previous 2 weeks), then current runs from latest commits.

Run

Text report:

BASELINE_GLOB='artifacts/github-actions/baseline/*.json' \
CURRENT_GLOB='artifacts/github-actions/current/*.json' \
TOP_N=15 \
WARN_DELTA_SECONDS=45 \
CRITICAL_DELTA_SECONDS=120 \
bash skills/github-actions-runtime-regression-audit/scripts/runtime-regression-audit.sh

JSON output with CI gate:

BASELINE_GLOB='artifacts/github-actions/baseline/*.json' \
CURRENT_GLOB='artifacts/github-actions/current/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-runtime-regression-audit/scripts/runtime-regression-audit.sh

Run with bundled fixtures:

BASELINE_GLOB='skills/github-actions-runtime-regression-audit/fixtures/baseline-*.json' \
CURRENT_GLOB='skills/github-actions-runtime-regression-audit/fixtures/current-*.json' \
bash skills/github-actions-runtime-regression-audit/scripts/runtime-regression-audit.sh

Output contract

Exit 0 in reporting mode (default)
Exit 1 when FAIL_ON_CRITICAL=1 and at least one job crosses critical regression thresholds
text mode prints summary + top regressions + new jobs without baseline
json mode outputs summary, ranked regressions, and newly observed jobs

安全使用建议

This skill appears to do exactly what it claims: parse local GitHub Actions run JSON exports and report runtime regressions. Before running: (1) inspect the full runtime-regression-audit.sh file locally (the provided listing was truncated here, so verify the file's tail and final output/exit logic), (2) run it first against the bundled fixtures to confirm behavior, (3) avoid overly-broad globs (they can make the script parse unrelated JSON files), and (4) run with OUTPUT_FORMAT=json and review output before using FAIL_ON_CRITICAL=1 in automation. If you need higher assurance, open the full script to confirm there are no network calls, credential reads, or command execution paths beyond parsing and local reporting.

功能分析

Type: OpenClaw Skill Name: github-actions-runtime-regression-audit Version: 1.0.0 The skill is a legitimate utility designed to audit GitHub Actions runtime regressions by comparing baseline and current JSON run exports. The core logic is contained in a Python script (embedded in scripts/runtime-regression-audit.sh) that parses local JSON files, calculates job durations, and identifies performance deltas based on user-defined thresholds. No evidence of data exfiltration, malicious execution, or prompt injection was found; the script operates strictly on local data provided via environment variables.

能力评估

✓ Purpose & Capability

Name/description ask to compare baseline vs current GH Actions run exports. The skill only requires bash and python3 and operates on user-supplied JSON run exports (BASELINE_GLOB, CURRENT_GLOB). Those requirements are proportionate and expected for this task.

ℹ Instruction Scope

SKILL.md instructs the user to capture GH run JSONs (gh run view) and run the included script with globs; the script parses those files, computes averages/p95 and flags regressions. This is within scope. Note: the script will read any files matched by the supplied globs, so a careless glob could cause it to parse unrelated JSON files — expected behavior but something to be cautious about.

✓ Install Mechanism

No install spec (instruction-only plus a shipped script). No downloads or package installs. Lowest-risk install surface.

✓ Credentials

No required credentials or config paths. The script uses only environment variables that control glob patterns and thresholds (declared in SKILL.md). No secrets are requested or used.

✓ Persistence & Privilege

always:false and no install hooks. The skill does not request persistent/privileged presence or modify other skills or system-wide configs.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-runtime-regression-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-runtime-regression-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release: baseline-vs-current runtime regression detection with text/json output, thresholds, regex filters, and fail gate.

元数据

Slug github-actions-runtime-regression-audit

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题