GitHub Actions Commit Health Audit

v1.0.0

Audit GitHub Actions reliability by commit SHA to surface risky commits causing repeated workflow failures across branches.

by Daniel Lummis (@daniellummis)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for daniellummis/github-actions-commit-health-audit.

Install the skill "GitHub Actions Commit Health Audit" (daniellummis/github-actions-commit-health-audit) from ClawHub.
Skill page: https://clawhub.ai/daniellummis/github-actions-commit-health-audit
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: bash, python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install github-actions-commit-health-audit

ClawHub CLI

npx clawhub@latest install github-actions-commit-health-audit

Security Scan

VirusTotal: Benign
OpenClaw: Benign (high confidence)

Purpose & Capability
The name/description match the implementation: the script reads run JSON files, aggregates by repository+SHA, computes failure rates and a heuristic score, and emits text/JSON reports. Required binaries (bash, python3) are appropriate for the bundled shell + python implementation. Minor note: the SKILL.md shows an example using the 'gh' CLI to produce run JSON exports, but 'gh' is not declared in the required binaries list; this is an omission in metadata but does not imply malicious behavior.
Instruction Scope
Runtime instructions and the script operate on local JSON files (RUN_GLOB) and environment inputs documented in SKILL.md. The code parses only the provided JSON artifacts, applies regex filters, and computes scores. It does not reference unexpected system paths or other environment variables beyond those documented. The SKILL.md does suggest using 'gh run view' to collect artifacts (a separate step) — that command would be executed by the user outside the skill if they follow the guide.
Install Mechanism
There is no install spec (instruction-only with a shipped script), so nothing is downloaded or written to disk by an installer. The script is included in the bundle; runtime execution will only run local code using bash/python3.
Credentials
The skill declares no required environment variables or credentials and the script only uses the documented optional env inputs (RUN_GLOB, TOP_N, OUTPUT_FORMAT, etc.). There is no request for unrelated secrets or configuration.
Persistence & Privilege
The skill does not request permanent or elevated privileges (always is false). It does not modify other skills or system-wide configuration in the provided files; it simply reads local artifact JSON files and writes reports/exit codes as expected.
Assessment
This skill appears to do what it says: analyze local GitHub Actions run JSON exports and report risky commits. Before installing/using it:

  1) Note SKILL.md shows using the GitHub CLI ('gh run view') to collect run JSONs — ensure you have 'gh' available if you want to use that collection step (the script itself does not invoke 'gh').
  2) Run the bundled fixtures first (RUN_GLOB pointing at skills/.../fixtures/*.json) to verify output and behavior.
  3) Inspect the full script if you have strict policies (the included code runs locally and the visible parts do not perform network calls or read secrets).
  4) Ensure artifacts you point RUN_GLOB at do not contain sensitive tokens or secrets, and run the script in an environment you control.
  5) If you need automated collection of run JSONs, prefer running 'gh' manually or via CI with minimal-scoped tokens rather than giving broad credentials to external tools.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: bash, python3
MIT-0

GitHub Actions Commit Health Audit

Use this skill to find commits that repeatedly fail CI so teams can prioritize rollback, revert, or targeted fixes.

What this skill does

  • Reads GitHub Actions run JSON exports
  • Groups runs by repository + commit SHA
  • Scores commit risk using failure rate, failed-run volume, and workflow spread
  • Flags warning/critical commit hotspots
  • Emits text or JSON output for CI checks and triage dashboards

Inputs

Optional:

  • RUN_GLOB (default: artifacts/github-actions/*.json)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • MIN_RUNS (default: 2)
  • BRANCH_MATCH (regex, optional)
  • BRANCH_EXCLUDE (regex, optional)
  • WORKFLOW_MATCH (regex, optional)
  • WORKFLOW_EXCLUDE (regex, optional)
  • REPO_MATCH (regex, optional)
  • REPO_EXCLUDE (regex, optional)
  • SHA_MATCH (regex, optional)
  • SHA_EXCLUDE (regex, optional)
  • FAIL_WARN_PERCENT (default: 25)
  • FAIL_CRITICAL_PERCENT (default: 50)
  • WARN_SCORE (default: 35)
  • CRITICAL_SCORE (default: 60)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Collect run JSON

gh run view <run-id> --json databaseId,workflowName,event,conclusion,headBranch,headSha,createdAt,updatedAt,startedAt,url,repository \
  > artifacts/github-actions/run-<run-id>.json

Run

Text report:

RUN_GLOB='artifacts/github-actions/*.json' \
MIN_RUNS=3 \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

JSON output with fail gate:

RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

Run with bundled fixtures:

RUN_GLOB='skills/github-actions-commit-health-audit/fixtures/*.json' \
bash skills/github-actions-commit-health-audit/scripts/commit-health-audit.sh

Output contract

  • Exit 0 in report mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more commits are critical
  • Text mode prints summary + ranked commit-risk groups
  • JSON mode prints summary + scored groups + critical commit details
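
A sketch of the grouping and failure-rate gate described above, added here as an illustration and not the skill's own script: it classifies commits on failure rate alone, using the page's defaults for MIN_RUNS, FAIL_WARN_PERCENT and FAIL_CRITICAL_PERCENT, and leaves out the heuristic score, whose formula the page does not give. The set of failing conclusions, the shape of the repository field, the function names and the sample records are assumptions.

```python
import json
from collections import defaultdict

FAILED = {"failure", "timed_out"}  # assumption: conclusions counted as failed runs

def repo_name(run):
    # Assumption: `repository` is either a string or an object with nameWithOwner.
    repo = run.get("repository") or "unknown"
    return repo.get("nameWithOwner", "unknown") if isinstance(repo, dict) else str(repo)

def audit(runs, min_runs=2, warn_pct=25.0, crit_pct=50.0):
    """Group runs by (repository, SHA) and classify each group by failure rate."""
    groups = defaultdict(list)
    for run in runs:
        if run.get("headSha"):  # skip records without a commit SHA
            groups[(repo_name(run), run["headSha"])].append(run)
    report = []
    for (repo, sha), items in groups.items():
        if len(items) < min_runs:
            continue  # too few runs to judge this commit
        failed = [r for r in items if r.get("conclusion") in FAILED]
        rate = 100.0 * len(failed) / len(items)
        level = "critical" if rate >= crit_pct else "warning" if rate >= warn_pct else "ok"
        report.append({
            "repository": repo, "sha": sha, "runs": len(items), "failed": len(failed),
            "fail_percent": round(rate, 1), "level": level,
            "failed_workflows": sorted({r.get("workflowName", "?") for r in failed}),
        })
    # Worst commits first; SHA as a stable tie-breaker.
    report.sort(key=lambda g: (-g["fail_percent"], -g["failed"], g["sha"]))
    return report

def exit_code(report, fail_on_critical=False):
    """Exit 1 only when gating is on and at least one commit is critical."""
    return int(fail_on_critical and any(g["level"] == "critical" for g in report))

# Constructed sample records (not real runs), using field names from the gh export.
SAMPLE_RUNS = [
    {"repository": "acme/api", "headSha": sha, "workflowName": wf, "conclusion": c}
    for sha, wf, c in [
        ("aaa111", "build", "failure"), ("aaa111", "test", "failure"),
        ("aaa111", "lint", "success"), ("bbb222", "build", "success"),
        ("bbb222", "test", "timed_out"), ("bbb222", "lint", "success"),
        ("ccc333", "build", "failure"),
    ]
]

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_RUNS), indent=2))
```

The single-run commit ccc333 is dropped by the MIN_RUNS filter even though its only run failed, so lowering MIN_RUNS trades noise for coverage.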
