github-actions-mainline-health-audit
Audit GitHub Actions mainline branch reliability by scoring failure rate, consecutive failures, and stale-success risk for critical workflows.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/daniellummis/github-actions-mainline-health-auditGitHub Actions Mainline Health Audit
Use this skill to detect unstable workflows on protected branches (main/master/release) before they silently degrade delivery confidence.
What this skill does
- Reads GitHub Actions run JSON exports
- Filters to mainline/protected branches (configurable regex)
- Groups by repository + workflow + branch + event
- Scores risk using:
- failure rate
- current consecutive failure streak
- days since last successful run
- Flags warning/critical groups based on configurable thresholds
- Emits text or JSON output for CI checks and ops dashboards
Inputs
Optional:
RUN_GLOB(default:artifacts/github-actions/*.json)TOP_N(default:20)OUTPUT_FORMAT(textorjson, default:text)MIN_RUNS(default:2)MAINLINE_BRANCH_MATCH(default:^(main|master|release.*)$)WORKFLOW_MATCH(regex, optional)WORKFLOW_EXCLUDE(regex, optional)EVENT_MATCH(regex, optional)EVENT_EXCLUDE(regex, optional)REPO_MATCH(regex, optional)REPO_EXCLUDE(regex, optional)HEAD_SHA_MATCH(regex, optional)HEAD_SHA_EXCLUDE(regex, optional)CONCLUSION_MATCH(regex, optional)CONCLUSION_EXCLUDE(regex, optional)RUN_ID_MATCH(regex, optional)RUN_ID_EXCLUDE(regex, optional)RUN_URL_MATCH(regex, optional)RUN_URL_EXCLUDE(regex, optional)FAIL_WARN_PERCENT(default:20)FAIL_CRITICAL_PERCENT(default:40)STALE_SUCCESS_DAYS(default:7)WARN_SCORE(default:30)CRITICAL_SCORE(default:55)FAIL_ON_CRITICAL(0or1, default:0)
Collect run JSON
gh run view <run-id> --json databaseId,workflowName,event,conclusion,headBranch,headSha,createdAt,updatedAt,startedAt,url,repository \
> artifacts/github-actions/run-<run-id>.json
Run
Text report:
RUN_GLOB='artifacts/github-actions/*.json' \
MAINLINE_BRANCH_MATCH='^(main|release/.*)$' \
HEAD_SHA_MATCH='^[a-f0-9]{7,40}$' \
CONCLUSION_EXCLUDE='^(success)$' \
RUN_ID_MATCH='^50(0[1-5])$' \
MIN_RUNS=3 \
bash skills/github-actions-mainline-health-audit/scripts/mainline-health-audit.sh
JSON output with fail gate:
RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-mainline-health-audit/scripts/mainline-health-audit.sh
Run with bundled fixtures:
RUN_GLOB='skills/github-actions-mainline-health-audit/fixtures/*.json' \
bash skills/github-actions-mainline-health-audit/scripts/mainline-health-audit.sh
Output contract
- Exit
0in report mode (default) - Exit
1whenFAIL_ON_CRITICAL=1and one or more groups are critical - Text mode prints summary + ranked mainline-risk groups
- JSON mode prints summary + scored groups + critical group details
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-daniellummis-github-actions-mainline-health-audit": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
github-actions-recovery-latency-audit
Measure GitHub Actions failure recovery latency and unresolved incident age by workflow group.
github-actions-cache-hardening-audit
Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks.
render-env-guard
Preflight-check Render service environment variables before deploys; catches missing keys and placeholder/template values that commonly break production rollouts.
github-actions-trigger-health-audit
Audit GitHub Actions run health by trigger event and workflow so flaky or noisy automation sources are easy to prioritize.
github-actions-run-gap-audit
Detect GitHub Actions workflow groups that stopped running on their normal cadence using median run intervals and current inactivity gap.