ClawHub

GitHub Actions Cache Hardening Audit

v1.0.0

Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks.

0· 270·1 current·1 all-time
byDaniel Lummis@daniellummis

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for daniellummis/github-actions-cache-hardening-audit.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "GitHub Actions Cache Hardening Audit" (daniellummis/github-actions-cache-hardening-audit) from ClawHub.
Skill page: https://clawhub.ai/daniellummis/github-actions-cache-hardening-audit
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: bash, python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install github-actions-cache-hardening-audit

ClawHub CLI

Package manager switcher

npx clawhub@latest install github-actions-cache-hardening-audit
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the included Bash+Python script which scans .github/workflows YAML files for cache-related anti-patterns. Required binaries (bash, python3) are exactly what the script needs. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md instructs running the bundled script against workflow files (default .github/workflows/*.y*ml). The script only reads files matched by the provided glob, parses them for specific patterns, and emits text or JSON. It does not call external network endpoints, does not access environment variables beyond those declared, and does not exfiltrate data. Note: because it reads repository files, running it in a context with broader filesystem access could expose any files matched by the glob—this is expected for a static repo scanner.
Install Mechanism
There is no install spec; this is instruction-only with a bundled script. That minimizes risk since nothing is downloaded or written to disk beyond the existing skill files.
Credentials
The skill requires no environment variables or credentials. The optional runtime inputs (WORKFLOW_GLOB, OUTPUT_FORMAT, etc.) are reasonable for a static analysis tool and do not request secrets or unrelated access.
Persistence & Privilege
always:false and no behavior that modifies agent/system configuration. The skill does not attempt to persist credentials or change other skills. Autonomous invocation is allowed by default but is not combined with other concerning behaviors.
Assessment
This skill appears to be what it claims: a static linter for GitHub Actions cache usage. Before running it, review the script (already bundled) and run it against a restricted glob (default .github/workflows/*.y*ml) or against included fixtures to confirm output. It reads files matched by the glob—so avoid pointing it at broader globs if you don't want unrelated files scanned. There's no network exfiltration or credential access in the code, and it does not require any installation. If you plan to run it in a CI runner with broad filesystem access, be aware it will read files available to that runner; use WORKFLOW_GLOB to limit scope. If you need higher assurance, run the script locally on a copy of the repository or review the bundled code (scripts/cache-hardening-audit.sh) line-by-line; otherwise this skill is coherent and proportionate to its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsbash, python3
latestvk9775se5vz9haam9jazwpjzj2982grde
270downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
Daniel Lummis@daniellummis
latest
Download

GitHub Actions Cache Hardening Audit

Use this skill to statically audit .github/workflows/*.yml for risky cache patterns that can cause cache poisoning, stale cache churn, or secret leakage.

What this skill checks

  • actions/cache usage on untrusted triggers (pull_request_target)
  • Cache keys that do not use hashFiles(...)
  • Overly broad restore-keys prefixes
  • Sensitive paths accidentally included in cache paths (.aws, .ssh, .npmrc, .git)
  • Floating cache action refs (@main, @master)

Inputs

Optional:

  • WORKFLOW_GLOB (default: .github/workflows/*.y*ml)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • WARN_SCORE (default: 3)
  • CRITICAL_SCORE (default: 6)
  • WORKFLOW_FILE_MATCH (regex, optional)
  • WORKFLOW_FILE_EXCLUDE (regex, optional)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Run

Text report:

WORKFLOW_GLOB='.github/workflows/*.yml' \
bash skills/github-actions-cache-hardening-audit/scripts/cache-hardening-audit.sh

JSON output + fail gate:

WORKFLOW_GLOB='.github/workflows/*.yml' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-cache-hardening-audit/scripts/cache-hardening-audit.sh

Run against bundled fixtures:

WORKFLOW_GLOB='skills/github-actions-cache-hardening-audit/fixtures/*.yml' \
bash skills/github-actions-cache-hardening-audit/scripts/cache-hardening-audit.sh

Output contract

  • Exit 0 by default (report mode)
  • Exit 1 when FAIL_ON_CRITICAL=1 and at least one critical workflow is detected
  • Text mode prints a summary and top flagged workflows
  • JSON mode emits summary, flagged_workflows, and critical_workflows

Comments

Loading comments...