CI/CD Pipeline Linter / CI/CD 流水线检查器

Lint GitHub Actions, GitLab CI, and Jenkinsfile syntax, detect common pitfalls and security issues. / 检查 GitHub Actions、GitLab CI 和 Jenkinsfile 语法,发现常见陷阱与安全问题。

Install

openclaw skills install @kingaiwork/ci-cd-pipeline-lint

⚙️ CI/CD Pipeline Linter / CI/CD 流水线检查器

Lint GitHub Actions, GitLab CI, and Jenkinsfile syntax, detect common pitfalls and security issues. / 检查 GitHub Actions、GitLab CI 和 Jenkinsfile 语法,发现常见陷阱与安全问题。

🦁 由 KingAI.Work 出品 — 智能进化|vip@kingai.work


Features / 功能特性

• Scans GitHub Actions, GitLab CI, and Jenkinsfile for syntax errors / 精准扫描 GitHub Actions、GitLab CI 与 Jenkinsfile 语法错误,让流水线运行前就排除隐患 • Detects 50+ common pipeline pitfalls including infinite loops and variable shadowing / 识别超过50种常见陷阱(如死循环、变量覆盖),从根源提升稳定性 • Flags insecure patterns like hard-coded secrets and excessive permissions / 自动标记硬编码密钥、权限过大等安全隐患,为安全加固提供明确指引 • Supports custom rule sets via config file for enterprise standardization / 支持通过配置文件自定义规则集,确保团队流水线风格统一(Pro 专属) • Performs deep dependency traversal to catch multi-stage misconfigurations / 深度追踪多阶段依赖关系,发现跨阶段配置冲突(Pro 版独家能力) • Integrates directly into PR checks for real-time feedback with fix suggestions / 可直接集成至 PR 检查,实时反馈并附带修复建议,极大减少返工

Quick Start / 快速开始

bash
bash lint-ci .github/workflows --format sarif -o report.sarif Scans all workflow files in the given directory and outputs a SARIF report. / 扫描指定目录下的所有工作流文件,并以 SARIF 格式输出报告,便于集成到安全仪表盘中。 

Use Cases / 使用场景

• A developer pushes a GitHub Actions workflow with a misconfigured matrix build that could cause 100x parallel job spawn. The linter flags it before merge, preventing cloud cost overruns. / 开发者提交了一个矩阵构建配置错误的 GitHub Actions 工作流,可能引发100倍并行任务激增。该检查器在合并前即标记问题,避免云成本失控。 • A DevOps team adopts GitLab CI for a new microservice but accidentally uses an outdated runner image with known CVEs. The linter catches the insecure image reference and suggests a patched alternative. / 团队为新微服务采用 GitLab CI,但误用了含有已知漏洞的旧版 Runner 镜像。检查器准确捕获该不安全镜像引用,并推荐已修补的替代版本。 • An engineering manager reviews a Jenkinsfile written by a contractor and finds no obvious issues, but the linter reveals a credential leak via environment variable misuse. / 工程经理审查外包编写的 Jenkinsfile 看似没问题,检查器却通过环境变量误用发现凭证泄露风险,避免了一次安全事件。

Plans / 方案对比

FeatureFreePro
Core / 核心功能
Batch / 批量处理
AI / AI 增强
Support / 支持CommunityPriority

• Unlock advanced custom rule engine to scan hundreds of pipelines with your own security policies / 解锁高级自定义规则引擎,用企业自有安全策略扫描数百条流水线 • Gain proactive multi-job dependency analysis that catches cross-stage configuration drift / 获得主动式多任务依赖分析,及时发现跨阶段配置漂移问题 • Access priority support with configuration templates optimized for large-scale CI/CD environments / 享受专属优先支持,获取为大型 CI/CD 环境优化的配置模板\n\n

📦 Published by King AI — kingai.work