技能详情(站内镜像,无评论)
作者:Daniel Lummis @daniellummis
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 180 · 0当前安装量· 0历史安装量
⭐ 0
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :良性
Package:daniellummis/github-actions-conclusion-volatility-audit
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :良性
OpenClaw 评估
The skill's code, instructions, and required binaries align with its stated purpose of analyzing GitHub Actions run JSON exports for workflow volatility; there are no unexpected network endpoints, secret requests, or installs.
目的
The name/description match the implementation: the script reads GitHub Actions run JSON files, groups runs, computes transition-based volatility, and emits text/JSON reports. Required binaries (bash, python3) are appropriate for the provided shell + embedded Python implementation.
说明范围
SKILL.md and the script consistently instruct the agent to collect run JSON (example uses 'gh run view'), run the audit script against artifacts/* JSON files, and emit results or fail CI on critical groups. The instructions operate only on local JSON artifacts and do not instruct broad file-system reads or transmitting data to unknown endpoints.
安装机制
This is an instruction-only skill with one included script file; there is no install spec, no archives or third-party downloads, and nothing is written to disk beyond the normal execution of the script and the user-supplied artifacts. Risk from the install mechanism is minimal.
证书
The skill declares no required environment variables and the script accepts many optional environment switches (RUN_GLOB, thresholds, filters). One thing to note: SKILL.md shows collecting run JSON via the 'gh' CLI, which uses the user's GitHub authentication (stored credentials or token). The skill itself does not request any secrets, which is proportionate, but collectors (gh) will use whatever GitHub auth is configured on the host.
持久
The skill is not always-enabled and has no install-time persistence. It does not modify other skills or system-wide config. Autonomous invocation is allowed (platform default) but not combined with elevated privileges or secret access.
综合结论
This skill appears to do what it says: analyze GitHub Actions run JSON files and report unstable workflows. Before installing/run: (1) Ensure bash and python3 are available. (2) Prepare artifacts by exporting workflow runs (the SKILL.md suggests using 'gh run view' — that will contact GitHub and use the host's gh authentication), and ensure you are comfortable with that network access and the credentials the gh CLI will use. (3) Run the script…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「GitHub Actions Conclusion Volatility Audit」。简介:Audit GitHub Actions workflow conclusion volatility to surface unstable pipelin…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/daniellummis/github-actions-conclusion-volatility-audit/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: github-actions-conclusion-volatility-audit
description: Audit GitHub Actions workflow conclusion volatility to surface unstable pipelines before they become chronic failures.
version: 1.0.0
metadata: {"openclaw":{"requires":{"bins":["bash","python3"]}}}
---
# GitHub Actions Conclusion Volatility Audit
Use this skill to detect unstable workflows that frequently flip between success and failure-like outcomes.
## What this skill does
- Reads one or more workflow run JSON exports
- Groups runs by repository + workflow + branch
- Calculates volatility using conclusion transitions across run history
- Flags groups by warn/critical instability thresholds
- Emits text or JSON output for CI reporting and quality gates
## Inputs
Optional:
- `RUN_GLOB` (default: `artifacts/github-actions/*.json`)
- `TOP_N` (default: `20`)
- `OUTPUT_FORMAT` (`text` or `json`, default: `text`)
- `MIN_RUNS` (default: `5`) — minimum runs before severity is applied
- `WARN_INSTABILITY_PCT` (default: `35`)
- `CRITICAL_INSTABILITY_PCT` (default: `60`)
- `FAIL_ON_CRITICAL` (`0` or `1`, default: `0`)
- `WORKFLOW_MATCH`, `WORKFLOW_EXCLUDE` (regex, optional)
- `BRANCH_MATCH`, `BRANCH_EXCLUDE` (regex, optional)
- `REPO_MATCH`, `REPO_EXCLUDE` (regex, optional)
Failure-like conclusions are: `failure`, `cancelled`, `timed_out`, `action_required`, `startup_failure`.
## Collect run JSON
```bash
gh run view <run-id> --json databaseId,workflowName,headBranch,conclusion,createdAt,updatedAt,url,repository
> artifacts/github-actions/run-<run-id>.json
```
## Run
Text report:
```bash
RUN_GLOB='artifacts/github-actions/*.json'
WARN_INSTABILITY_PCT=35
CRITICAL_INSTABILITY_PCT=60
bash skills/github-actions-conclusion-volatility-audit/scripts/conclusion-volatility-audit.sh
```
JSON output + fail gate:
```bash
RUN_GLOB='artifacts/github-actions/*.json'
OUTPUT_FORMAT=json
FAIL_ON_CRITICAL=1
bash skills/github-actions-conclusion-volatility-audit/scripts/conclusion-volatility-audit.sh
```
## Output contract
- Exit `0` in reporting mode
- Exit `1` when `FAIL_ON_CRITICAL=1` and one or more critical groups are found
- Text output includes summary and top unstable workflow groups
- JSON output includes `summary`, ranked `groups`, and `critical_groups`