daniellummis

GitHub Actions Self-Hosted Risk Audit

Author: Daniel Lummis · GitHub · v1.0.0
cross-platform ✓ passed safety check
Total downloads: 266
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw:
/install github-actions-self-hosted-risk-audit
Description
Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks.
Usage (SKILL.md)

GitHub Actions Self-Hosted Risk Audit

Use this skill to flag risky workflow patterns when jobs run on self-hosted GitHub Actions runners.

What this skill does

  • Scans workflow YAML files (.github/workflows/*.yml by default)
  • Detects workflows that reference self-hosted runners
  • Flags high-risk trigger combinations (pull_request_target, pull_request, issue_comment)
  • Flags broad/self-hosted-only runner selection (no extra routing labels)
  • Flags workflows with write-capable permissions in self-hosted contexts
  • Flags actions/checkout steps that do not set persist-credentials: false
  • Supports text/json output and CI fail gate

Inputs

Optional:

  • WORKFLOW_GLOB (default: .github/workflows/*.y*ml)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • WARN_SCORE (default: 4)
  • CRITICAL_SCORE (default: 8)
  • WORKFLOW_FILE_MATCH / WORKFLOW_FILE_EXCLUDE (regex, optional)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Run

Text report:

WORKFLOW_GLOB='.github/workflows/*.yml' \
WARN_SCORE=4 \
CRITICAL_SCORE=8 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

JSON output + fail gate:

WORKFLOW_GLOB='.github/workflows/*.y*ml' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Run against bundled fixtures:

WORKFLOW_GLOB='skills/github-actions-self-hosted-risk-audit/fixtures/*.y*ml' \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Output contract

  • Exit 0 in reporting mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more workflows are critical
  • Text mode prints summary + top flagged workflows
  • JSON mode prints summary + flagged workflows + critical workflows
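As an added example (not the skill's own script, which is not shown on this page), here is a minimal regex-based auditor in Python that applies the checks listed under "What this skill does" and the exit semantics of the output contract to two constructed workflows. The point weights (4 for an untrusted trigger, 2 for each of the other findings), the function names and the sample workflows are this example's assumptions; WARN_SCORE and CRITICAL_SCORE use the page's defaults of 4 and 8.

```python
import re

RISKY_TRIGGERS = {"pull_request_target", "pull_request", "issue_comment"}  # flagged on self-hosted jobs
WARN_SCORE, CRITICAL_SCORE = 4, 8  # the page's default thresholds; the point weights below are assumed

# Constructed sample workflows (not the skill's bundled fixtures)
SAMPLE_RISKY = """\
on:
  pull_request_target:
    types: [opened, synchronize]
permissions:
  contents: write
jobs:
  build:
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: make test
"""
SAMPLE_SAFE = """\
on:
  push:
permissions:
  contents: read
jobs:
  build:
    runs-on: [self-hosted, linux, build-pool-a]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
"""

def _flow_list(value):
    """Split a YAML flow sequence ("[a, b]") or a bare scalar into a list of strings."""
    return [v.strip().strip("\"'") for v in value.strip().strip("[]").split(",") if v.strip()]

def runs_on_labels(text):
    """One label list per runs-on key; handles scalar, flow and block-sequence forms."""
    result = [_flow_list(v) for v in re.findall(r"^[ \t]*runs-on:[ \t]*(\S.*)$", text, re.M)]
    for m in re.finditer(r"^[ \t]*runs-on:[ \t]*\n((?:[ \t]*-[ \t]*.+\n)+)", text, re.M):
        result.append([v.strip().strip("\"'") for v in re.findall(r"-[ \t]*(.+)", m.group(1))])
    return result

def triggers(text):
    """Event names directly under the top-level on: key (scalar, flow or block form)."""
    m = re.search(r"^['\"]?on['\"]?:[ \t]*(.*)$", text, re.M)
    if m and m.group(1).strip():
        return _flow_list(m.group(1))
    block = re.split(r"^\S", text[m.end():], maxsplit=1, flags=re.M)[0] if m else ""  # up to next top-level key
    keys = re.findall(r"^([ \t]+)-?[ \t]*([A-Za-z_]+)", block, re.M)
    top = min(len(ind) for ind, _ in keys) if keys else 0
    return [k for ind, k in keys if len(ind) == top]  # drop nested keys such as types:

def write_permissions(text):
    """True if a permissions: block grants write-all or any `<scope>: write` entry."""
    if re.search(r"^[ \t]*permissions:[ \t]*write-all[ \t]*$", text, re.M):
        return True
    blocks = re.findall(r"^([ \t]*)permissions:[ \t]*\n((?:\1[ \t]+\S.*\n)+)", text, re.M)
    return any(re.search(r":[ \t]*write[ \t]*$", b, re.M) for _, b in blocks)

def checkouts_missing_persist_false(text):
    """Count actions/checkout steps whose with: block lacks persist-credentials: false."""
    lines, missing = text.splitlines(), 0
    for i, line in enumerate(lines):
        if not re.match(r"^[ \t]*-?[ \t]*uses:[ \t]*actions/checkout@", line):
            continue
        step, block = len(line) - len(line.lstrip(" ")), []
        for nxt in lines[i + 1:]:
            if re.match(r"^[ \t]*-[ \t]", nxt) and len(nxt) - len(nxt.lstrip(" ")) <= step:
                break  # the next step begins here
            block.append(nxt)
        if not any(re.match(r"^[ \t]*persist-credentials:[ \t]*false[ \t]*$", b) for b in block):
            missing += 1
    return missing

def audit(text):
    """Score one workflow; only workflows with at least one self-hosted job are in scope."""
    self_hosted = [labels for labels in runs_on_labels(text) if "self-hosted" in labels]
    checks = [  # (points, hit, finding); the point weights are this example's assumption
        (4, RISKY_TRIGGERS & set(triggers(text)), "untrusted trigger on a self-hosted job"),
        (2, ["self-hosted"] in self_hosted, "runs-on: self-hosted with no routing labels"),
        (2, write_permissions(text), "write-capable permissions in a self-hosted context"),
        (2, checkouts_missing_persist_false(text), "actions/checkout without persist-credentials: false"),
    ] if self_hosted else []
    findings = [finding for _, hit, finding in checks if hit]
    score = sum(points for points, hit, _ in checks if hit)
    level = "critical" if score >= CRITICAL_SCORE else "warn" if score >= WARN_SCORE else "ok"
    return {"self_hosted": bool(self_hosted), "findings": findings, "score": score, "level": level}

def exit_code(reports, fail_on_critical=False):
    """The output contract: exit 1 only when gating is on and some workflow is critical."""
    return 1 if fail_on_critical and any(r["level"] == "critical" for r in reports) else 0

if __name__ == "__main__":
    for name, text in (("risky", SAMPLE_RISKY), ("safe", SAMPLE_SAFE)):
        print(name, audit(text))
```

Like the skill itself (per the analysis further down the page), this is regex-driven rather than a YAML parse, so it shares the same failure modes: a `runs-on` label that arrives through an expression, a `permissions:` block with unusual indentation, or a checkout action referenced by commit SHA under a different path will be missed or over-counted. The checkout check inspects each step's own `with:` block, so a `persist-credentials: false` on one step does not excuse another. For a production gate, swap the regex helpers for a real YAML parser and keep the scoring logic.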
Safe-usage advice
This skill appears safe to run locally: it only reads workflow YAML files and reports risky patterns, and it does not require API tokens or network access. Before installing/running, review or run the included script on a non-sensitive copy of your repo if you have concerns; note that the tool uses regex-based checks (not a full YAML AST), so expect occasional false positives/negatives. Also be cautious if you override WORKFLOW_GLOB to scan arbitrary paths — the script will read any files you point it at.
Functional analysis
Type: OpenClaw Skill
Name: github-actions-self-hosted-risk-audit
Version: 1.0.0
The skill is a static analysis tool designed to audit GitHub Actions workflows for security risks associated with self-hosted runners. It uses a Python script (embedded in scripts/self-hosted-risk-audit.sh) to scan YAML files for risky configurations such as pull_request_target triggers, broad runner labels, and insecure credential persistence. The implementation includes proper input validation, lacks network or exfiltration capabilities, and operates strictly as a reporting tool without executing the audited content.
Capability assessment
Purpose & Capability
The name/description match the implementation. The script scans workflow YAML files for self-hosted runner patterns and flags trigger/permission/checkout issues. Required binaries (bash, python3) are appropriate and no unrelated credentials or services are requested.
Instruction Scope
Runtime instructions and the included script operate on local files matched by WORKFLOW_GLOB (default .github/workflows/*.y*ml) and only read those files, apply regex checks, and emit reports. There are no instructions to read unrelated system config, exfiltrate data, or call external endpoints. Note: the tool uses regex-based parsing rather than a YAML parser, so it may be brittle and produce false positives/negatives, but that is a functional (not malicious) limitation.
Install Mechanism
No install spec or external downloads — this is instruction-only plus an included shell script. Nothing is pulled from external URLs or written to system locations by an installer.
Credentials
No required environment variables or credentials. Optional env vars control which files to scan and thresholds; they are configuration-only and proportional to the skill's purpose.
Persistence & Privilege
The skill does not request persistent/global privileges (always:false), does not modify other skills or system-wide configs, and does not store credentials. It runs on demand and can be invoked by the user.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install github-actions-self-hosted-risk-audit
  3. After installation, call the skill by name or trigger it with /github-actions-self-hosted-risk-audit
  4. Provide the required inputs according to the skill's parameter description to receive structured output
Version history
v1.0.0
Initial release of github-actions-self-hosted-risk-audit.
  • Scans GitHub Actions workflows for use of self-hosted runners and flags risky configurations.
  • Detects dangerous trigger combinations, privilege escalation, overly broad runner selection, and insecure checkout steps.
  • Supports customizable input options including file glob, output format (text/json), scoring thresholds, and CI fail gating.
  • Outputs either a summary report or detailed JSON, and can fail CI on critical findings.
Metadata
Slug: github-actions-self-hosted-risk-audit
Version: 1.0.0
License:
Total installs: 0
Current installs: 0
Versions: 1
FAQ

What is GitHub Actions Self-Hosted Risk Audit?

Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks. It is an AI agent skill plugin for Claude Code / OpenClaw, with 266 downloads to date.

How do I install GitHub Actions Self-Hosted Risk Audit?

Run the command "/install github-actions-self-hosted-risk-audit" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is GitHub Actions Self-Hosted Risk Audit free?

Yes, GitHub Actions Self-Hosted Risk Audit is completely free (open source) and can be freely downloaded, installed and used.

Which platforms does GitHub Actions Self-Hosted Risk Audit support?

GitHub Actions Self-Hosted Risk Audit runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed GitHub Actions Self-Hosted Risk Audit?

Developed and maintained by Daniel Lummis (@daniellummis); the current version is v1.0.0.
