← 返回 Skills 市场

GitHub Actions Step Flake Audit

Name: GitHub Actions Step Flake Audit
Author: daniellummis

作者 Daniel Lummis · GitHub ↗ · v1.0.0

cross-platform ✓ 安全检测通过

244

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-step-flake-audit

功能描述

Detect flaky GitHub Actions job steps by finding mixed success/failure conclusions across runs.

使用说明 (SKILL.md)

GitHub Actions Step Flake Audit

Use this skill to catch flaky CI steps that alternate between passing and failing across workflow runs.

What this skill does

Reads GitHub Actions run JSON exports (gh run view --json ...)
Groups step outcomes by repository + workflow + job + step name
Scores each step for flake risk when both success and failure outcomes are present
Ranks the most unstable steps by failure rate and failed-run volume
Supports text/json outputs and optional fail gate for CI enforcement

Inputs

Optional:

RUN_GLOB (default: artifacts/github-actions/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
MIN_OCCURRENCES (default: 3) — minimum observed step runs before scoring
WARN_FAILURE_RATE (default: 0.20) — flaky failure-rate threshold
CRITICAL_FAILURE_RATE (default: 0.40) — critical flaky failure-rate threshold
FAIL_ON_CRITICAL (0 or 1, default: 0)
REPO_MATCH / REPO_EXCLUDE (regex, optional)
WORKFLOW_MATCH / WORKFLOW_EXCLUDE (regex, optional)
JOB_MATCH / JOB_EXCLUDE (regex, optional)
STEP_MATCH / STEP_EXCLUDE (regex, optional)

Collect run JSON

gh run view \x3Crun-id> --json databaseId,workflowName,headBranch,headSha,url,repository,jobs \
  > artifacts/github-actions/run-\x3Crun-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
MIN_OCCURRENCES=5 \
WARN_FAILURE_RATE=0.15 \
CRITICAL_FAILURE_RATE=0.35 \
bash skills/github-actions-step-flake-audit/scripts/step-flake-audit.sh

JSON output + fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-step-flake-audit/scripts/step-flake-audit.sh

Run against bundled fixtures:

RUN_GLOB='skills/github-actions-step-flake-audit/fixtures/*.json' \
bash skills/github-actions-step-flake-audit/scripts/step-flake-audit.sh

Output contract

Exit 0 in reporting mode (default)
Exit 1 when FAIL_ON_CRITICAL=1 and one or more flaky step groups are critical
Text mode prints summary + top flaky steps
JSON mode prints summary + ranked groups + critical groups

安全使用建议

This skill analyzes local GitHub Actions run JSON exports and does not send data out or require credentials. Before running: 1) ensure RUN_GLOB points only to intended artifact files (avoid broad globs that might match sensitive JSON), 2) if you want to collect runs using the `gh` example in SKILL.md, run that yourself — the skill does not call `gh` and does not declare it as a dependency, and 3) inspect any real run JSONs to confirm they don't contain sensitive secrets you don't want processed or stored. Otherwise the tool appears coherent and appropriate for its stated purpose.

功能分析

Type: OpenClaw Skill Name: github-actions-step-flake-audit Version: 1.0.0 The skill is designed to identify flaky GitHub Actions steps by parsing JSON run logs. The implementation in `step-flake-audit.sh` uses a Python script to safely aggregate job outcomes and calculate failure rates without any evidence of data exfiltration, unauthorized execution, or malicious intent.

能力评估

ℹ Purpose & Capability

The name/description match the implementation: the script aggregates step outcomes from GitHub Actions run JSON files and scores flaky steps. Small mismatch: SKILL.md shows how to obtain JSON with `gh run view`, but the skill does not declare `gh` as a required binary or try to call `gh` itself — it only reads pre-collected JSON files. This is a minor documentation vs. requirement inconsistency, not a functional problem.

✓ Instruction Scope

Runtime instructions and the script operate on local JSON files (RUN_GLOB) and only inspect fields in those files. The script reads, parses, filters, aggregates, and prints results or exits non-zero when FAIL_ON_CRITICAL is set. It does not attempt to read other system files, access network endpoints, or export data externally.

✓ Install Mechanism

There is no install spec (instruction-only plus a bundled script), so nothing is downloaded or installed by the skill. Required binaries are minimal (bash, python3) and match the provided script.

✓ Credentials

The skill requests no environment variables or credentials. It accepts many optional runtime variables (regex filters, thresholds) which are reasonable for its purpose. There are no secret-like env vars declared or accessed.

✓ Persistence & Privilege

The skill does not request persistent presence (always:false) and does not modify agent system configuration. It runs as a one-off script operating on files the user supplies.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-step-flake-audit
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-step-flake-audit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release

元数据

Slug github-actions-step-flake-audit

版本 1.0.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题