GitHub Actions Recovery Latency Audit
v1.0.0
Measure GitHub Actions failure recovery latency and unresolved incident age by workflow group.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the implementation: the script parses exported GitHub Actions run JSON files and computes incident/recovery metrics. One minor mismatch: SKILL.md shows using the GitHub CLI (gh run view ...) to collect run JSON, but the declared required binaries list only bash and python3 (gh is not listed). The script itself operates purely on local JSON files and does not invoke gh.
Instruction Scope
Runtime instructions and the script stay within scope: they read local JSON files matched by RUN_GLOB, apply filters, compute incidents and scores, and print or emit JSON/text reports. There are no steps that read unrelated system files, exfiltrate data, or call external endpoints from the script.
Install Mechanism
No install spec; this is effectively an instruction + script bundle. Nothing in the package downloads or writes external binaries. Risk from installation is low.
Credentials
The skill declares no required environment secrets and uses only optional environment variables for configuration (glob, thresholds, filters, NOW_ISO). No credentials or config paths are requested. Note: if the user follows SKILL.md's 'gh run view' collection step, that operation uses the user's gh/GitHub credentials — that is a user action outside the skill.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system configuration. It runs on-demand and only reads local files.
Assessment
This script is straightforward and appears safe: it analyzes local GitHub Actions run JSON files and emits a report. Before running: (1) confirm RUN_GLOB points only to the intended artifacts directory so you don't accidentally scan unrelated JSON files; (2) if you want to collect run JSON with the GitHub CLI, you will need gh and an authenticated session (the skill itself does not request or manage credentials); (3) run against the included fixtures first (RUN_GLOB=skills/.../fixtures/*.json) to verify output; (4) inspect any real artifacts you feed it for sensitive data before uploading or sharing results.
Runtime requirements
Bins: bash, python3
GitHub Actions Recovery Latency Audit
Use this skill to measure how quickly workflows recover after failing, and to detect groups that remain red for too long.
What this skill does
- Reads GitHub Actions run JSON exports
- Groups by repository + workflow + branch + event
- Builds failure incidents (first failing run until next success)
- Reports recovery latency for closed incidents
- Reports unresolved incident count + oldest unresolved age
- Scores severity (ok, warn, critical) for triage and CI gates
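The grouping and incident-building steps listed above, as an added Python example (not the skill's own script). The helper names, the sample runs, the plain-string `repository` field, the handling of non-success/failure conclusions, and the `>=` comparison against the open-age thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime

def run(wf, conclusion, created, repo="acme/api", branch="main", event="push"):
    # Constructed record using the field names from the gh --json list.
    # Assumption: "repository" is a plain string in the export.
    return {"repository": repo, "workflowName": wf, "headBranch": branch,
            "event": event, "conclusion": conclusion, "createdAt": created}

RUNS = [  # constructed sample data, not real runs
    run("ci", "success", "2026-03-05T08:00:00Z"),
    run("ci", "failure", "2026-03-05T10:00:00Z"),
    run("ci", "failure", "2026-03-05T11:00:00Z"),
    run("ci", "success", "2026-03-05T14:00:00Z"),
    run("ci", "failure", "2026-03-06T20:00:00Z"),
    run("deploy", "failure", "2026-03-05T00:00:00Z"),
    run("deploy", "cancelled", "2026-03-05T06:00:00Z"),
]

def parse(ts):
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def audit(runs, now_iso, warn_open=12, critical_open=36):
    groups = defaultdict(list)
    for r in runs:
        groups[(r["repository"], r["workflowName"], r["headBranch"], r["event"])].append(r)
    report = {}
    for key, items in groups.items():
        opened, closed = None, []
        for r in sorted(items, key=lambda r: parse(r["createdAt"])):
            t = parse(r["createdAt"])
            if r["conclusion"] == "failure" and opened is None:
                opened = t  # first failing run opens the incident
            elif r["conclusion"] == "success" and opened is not None:
                closed.append((t - opened).total_seconds() / 3600)
                opened = None  # next success closes it
            # Assumption: other conclusions (cancelled, skipped) change nothing.
        open_h = (parse(now_iso) - opened).total_seconds() / 3600 if opened else 0.0
        # Assumption: thresholds compare with >= against the oldest open age.
        sev = "critical" if open_h >= critical_open else "warn" if open_h >= warn_open else "ok"
        report[key] = {"recovery_hours": closed, "open_hours": open_h, "severity": sev}
    return report

if __name__ == "__main__":
    for key, row in audit(RUNS, "2026-03-07T14:00:00Z").items():
        print(key, row)
```

In the constructed data, the cancelled deploy run does not close the incident, so that group stays open from its first failure.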
Inputs
Optional:
- RUN_GLOB (default: artifacts/github-actions/*.json)
- TOP_N (default: 20)
- OUTPUT_FORMAT (text or json, default: text)
- MIN_RUNS (default: 4)
- WARN_P95_HOURS (default: 6)
- CRITICAL_P95_HOURS (default: 18)
- WARN_OPEN_HOURS (default: 12)
- CRITICAL_OPEN_HOURS (default: 36)
- WARN_OPEN_INCIDENTS (default: 1)
- CRITICAL_OPEN_INCIDENTS (default: 2)
- NOW_ISO (optional fixed clock for deterministic tests)
- WORKFLOW_MATCH / WORKFLOW_EXCLUDE (regex)
- BRANCH_MATCH / BRANCH_EXCLUDE (regex)
- EVENT_MATCH / EVENT_EXCLUDE (regex)
- REPO_MATCH / REPO_EXCLUDE (regex)
- FAIL_ON_CRITICAL (0 or 1, default: 0)
Collect run JSON
gh run view <run-id> --json databaseId,workflowName,event,conclusion,headBranch,createdAt,url,repository \
> artifacts/github-actions/run-<run-id>.json
Run
Text report:
RUN_GLOB='artifacts/github-actions/*.json' \
TOP_N=15 \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh
JSON + fail gate:
RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh
Run against bundled fixtures:
RUN_GLOB='skills/github-actions-recovery-latency-audit/fixtures/*.json' \
NOW_ISO='2026-03-07T14:00:00Z' \
bash skills/github-actions-recovery-latency-audit/scripts/recovery-latency-audit.sh
Output contract
- Exit 0 in report mode (default)
- Exit 1 when FAIL_ON_CRITICAL=1 and one or more groups are critical
- Text mode prints summary + ranked recovery-risk groups
- JSON mode prints summary + ranked groups + critical groups
