GitHub Actions Manual Trigger Audit
v1.0.0
Audit manual GitHub Actions trigger dependence by workflow/event to flag automation gaps and intervention risk.
Use this skill to detect workflows that rely too heavily on manual triggers (workflow_dispatch / repository_dispatch) instead of automated CI events.

What this skill does
- Reads GitHub Actions run JSON exports
- Groups runs by repository + workflow (+ branch)
- Measures manual-trigger share vs total run volume
- Tracks recent manual-trigger streaks (latest N runs)
- Scores severity (ok, warn, critical) for operational risk gating
- Emits text or JSON output for automation inputs
Optional:
- RUN_GLOB (default: artifacts/github-actions/*.json)
- TOP_N (default: 20)
- OUTPUT_FORMAT (text or json, default: text)
- GROUP_BY (workflow or workflow-branch, default: workflow)
- MANUAL_EVENTS (comma-separated, default: workflow_dispatch,repository_dispatch)
- RECENT_WINDOW (latest runs inspected for streak, default: 5)
- MIN_RUNS (minimum runs required, default: 5)
- WARN_MANUAL_RATIO (0..1, default: 0.35)
- CRITICAL_MANUAL_RATIO (0..1, default: 0.65)
- WARN_MANUAL_RUNS (default: 5)
- CRITICAL_MANUAL_RUNS (default: 12)
- WARN_RECENT_MANUAL_STREAK (default: 3)
- CRITICAL_RECENT_MANUAL_STREAK (default: 5)
- WORKFLOW_MATCH / WORKFLOW_EXCLUDE (regex, optional)
- BRANCH_MATCH / BRANCH_EXCLUDE (regex, optional)
- EVENT_MATCH / EVENT_EXCLUDE (regex, optional)
- REPO_MATCH / REPO_EXCLUDE (regex, optional)
- FAIL_ON_CRITICAL (0 or 1, default: 0)

Collect run JSON

    gh run view <run-id> --json databaseId,workflowName,event,headBranch,conclusion,createdAt,updatedAt,url,repository \
      > artifacts/github-actions/run-<run-id>.json
Run

Text report:

    RUN_GLOB='artifacts/github-actions/*.json' \
      bash skills/github-actions-manual-trigger-audit/scripts/manual-trigger-audit.sh

JSON output + fail gate:

    RUN_GLOB='artifacts/github-actions/*.json' \
      OUTPUT_FORMAT=json \
      FAIL_ON_CRITICAL=1 \
      bash skills/github-actions-manual-trigger-audit/scripts/manual-trigger-audit.sh

Run against bundled fixtures:

    RUN_GLOB='skills/github-actions-manual-trigger-audit/fixtures/*.json' \
      bash skills/github-actions-manual-trigger-audit/scripts/manual-trigger-audit.sh
Output contract
- Exit 0 in report mode (default)
- Exit 1 when FAIL_ON_CRITICAL=1 and one or more groups are critical
- Text mode prints summary + ranked workflow groups
- JSON mode prints summary + ranked groups + critical groups