openclaw 网盘下载
OpenClaw

技能详情(站内镜像,无评论)

首页 > 技能库 > GitHub Actions Artifact Budget Audit

Audit GitHub Actions artifact storage usage from JSON exports so bloated artifacts are flagged before they inflate CI cost.

开发与 DevOps

作者:Daniel Lummis @daniellummis

许可证:MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本:v1.0.0

统计:⭐ 0 · 150 · 0 current installs · 0 all-time installs

0

安装量(当前) 0

🛡 VirusTotal :良性 · OpenClaw :良性

Package:daniellummis/github-actions-artifact-budget-audit

安全扫描(ClawHub)

  • VirusTotal :良性
  • OpenClaw :良性

OpenClaw 评估

The skill's code and instructions match its stated purpose (parsing local GitHub Actions artifact JSON exports to report oversized artifacts); it asks for no credentials and contains no apparent exfiltration or unrelated privileges.

目的

Name/description, SKILL.md examples, fixtures, and the script all focus on reading local artifact JSON files, grouping by repo/artifact, and reporting size/expiry. Required binaries (bash, python3) are appropriate and nothing unrelated is requested.

说明范围

Runtime instructions only direct the agent/user to gather gh API JSON exports (optional) and run the bundled script with environment flags. The script only reads files, parses JSON, aggregates stats, and prints JSON/text; it does not download artifact archives or call external endpoints.

安装机制

No install spec (instruction-only with a bundled script). No remote downloads or packages are installed by the skill itself.

证书

The skill requires no environment variables or credentials. The SKILL.md suggests using 'gh api' to produce JSON exports, which may require GitHub auth when the user runs that step, but the skill itself does not request tokens or access unrelated secrets.

持久

Flags show normal defaults (not always:true). The skill does not claim or perform any persistent changes to agent/system configuration and requests no elevated privileges.

综合结论

This skill appears coherent and limited to parsing local GitHub artifact JSON exports and reporting oversized/stale artifacts. Before running: (1) Inspect the bundled script (already provided) yourself or run it in an isolated environment if you have any doubts. (2) If you use the 'gh api' command to collect JSON, that step may require GitHub authentication (use the minimum-scoped token or an authenticated gh session). (3) The script records a…

安装(复制给龙虾 AI)

将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「GitHub Actions Artifact Budget Audit」。简介:Audit GitHub Actions artifact storage usage from JSON exports so bloated artifa…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/daniellummis/github-actions-artifact-budget-audit/SKILL.md
(来源:yingzhi8.cn 技能库)

SKILL.md

打开原始 SKILL.md(GitHub raw)

---
name: github-actions-artifact-budget-audit
description: Audit GitHub Actions artifact storage usage from JSON exports so bloated artifacts are flagged before they inflate CI cost.
version: 1.0.0
metadata: {"openclaw":{"requires":{"bins":["bash","python3"]}}}
---

# GitHub Actions Artifact Budget Audit

Use this skill to detect oversized or stale GitHub Actions artifacts across repositories.

## What this skill does
- Reads one or more GitHub artifact JSON exports (`gh api` output)
- Calculates artifact size in MB and totals by repository + artifact name
- Flags warn/critical artifacts by configurable size thresholds
- Highlights soon-to-expire artifact volume to prioritize cleanup
- Supports text and JSON output for terminal or dashboards

## Inputs
Optional:
- `ARTIFACT_GLOB` (default: `artifacts/github-actions-artifacts/*.json`)
- `TOP_N` (default: `20`)
- `OUTPUT_FORMAT` (`text` or `json`, default: `text`)
- `WARN_MB` (default: `250`)
- `CRITICAL_MB` (default: `750`)
- `SOON_EXPIRES_DAYS` (default: `7`)
- `FAIL_ON_CRITICAL` (`0` or `1`, default: `0`)
- `REPO_MATCH` (regex, optional)
- `REPO_EXCLUDE` (regex, optional)
- `ARTIFACT_MATCH` (regex, optional)
- `ARTIFACT_EXCLUDE` (regex, optional)

## Collect artifact JSON

Single repository:

```bash
gh api repos/<owner>/<repo>/actions/artifacts --paginate 
  > artifacts/github-actions-artifacts/<owner>-<repo>.json
```

Combined multi-repo payloads are also supported as long as each file includes an `artifacts` array.

## Run

Text report:

```bash
ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' 
WARN_MB=300 
CRITICAL_MB=900 
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh
```

JSON output for automation:

```bash
ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' 
OUTPUT_FORMAT=json 
FAIL_ON_CRITICAL=1 
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh
```

Filter to one repo and artifact family:

```bash
ARTIFACT_GLOB='artifacts/github-actions-artifacts/*.json' 
REPO_MATCH='^flowcreatebot/' 
ARTIFACT_MATCH='(test-results|coverage)' 
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh
```

Run with bundled fixtures:

```bash
ARTIFACT_GLOB='skills/github-actions-artifact-budget-audit/fixtures/*.json' 
bash skills/github-actions-artifact-budget-audit/scripts/artifact-budget-audit.sh
```

## Output contract
- Exit `0` in reporting mode (default)
- Exit `1` if `FAIL_ON_CRITICAL=1` and at least one artifact is at/above `CRITICAL_MB`
- In `text` mode: prints summary and top oversized artifact groups
- In `json` mode: prints summary, grouped artifact stats, and critical artifact instances