Audit deployment workflow risk from GitHub Actions runs by scoring failure rate, unresolved failure streaks, and time since last successful deploy.
Use this skill to rank deployment workflows that are currently risky to trust for production releases.
Optional:
RUN_GLOB (default: artifacts/github-actions/*.json)
TOP_N (default: 20)
OUTPUT_FORMAT (text or json, default: text)
MIN_RUNS (default: 2)
DEPLOY_WORKFLOW_MATCH (default: (?i)(deploy|release|ship|production))
BRANCH_MATCH (regex, optional)
BRANCH_EXCLUDE (regex, optional)
REPO_MATCH (regex, optional)
REPO_EXCLUDE (regex, optional)
FAIL_WARN_PERCENT (default: 20)
FAIL_CRITICAL_PERCENT (default: 40)
STALE_SUCCESS_DAYS (default: 7)
WARN_SCORE (default: 35)
CRITICAL_SCORE (default: 60)
FAIL_ON_CRITICAL (0 or 1, default: 0)

gh run view <run-id> --json databaseId,workflowName,event,conclusion,headBranch,headSha,createdAt,updatedAt,startedAt,url,repository \
> artifacts/github-actions/run-<run-id>.json
Text report:
RUN_GLOB='artifacts/github-actions/*.json' \
DEPLOY_WORKFLOW_MATCH='(?i)(deploy|release)' \
MIN_RUNS=3 \
bash skills/github-actions-deploy-risk-audit/scripts/deploy-risk-audit.sh
JSON output with fail gate:
RUN_GLOB='artifacts/github-actions/*.json' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-deploy-risk-audit/scripts/deploy-risk-audit.sh
Run with bundled fixtures:
RUN_GLOB='skills/github-actions-deploy-risk-audit/fixtures/*.json' \
bash skills/github-actions-deploy-risk-audit/scripts/deploy-risk-audit.sh
Exit codes:
0 in report mode (default)
1 when FAIL_ON_CRITICAL=1 and one or more groups are critical
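An added example, not the skill's own script: it computes the three signals named at the top of this page (failure rate, unresolved failure streak, days since last successful run) per repository and workflow over constructed run records, using the page's default thresholds. The grouping key, the plain-string form of repository, and the level derived from failure rate alone are assumptions; the script's score formula is not shown on this page and is not reproduced.

```python
import re
from collections import defaultdict
from datetime import datetime

# Defaults copied from the option list on this page.
DEPLOY_WORKFLOW_MATCH = r"(?i)(deploy|release|ship|production)"
MIN_RUNS, FAIL_WARN_PERCENT, FAIL_CRITICAL_PERCENT, STALE_SUCCESS_DAYS = 2, 20, 40, 7

def ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def run(repo, workflow, conclusion, created):
    # Assumption: repository is a plain string; field names follow the gh --json list.
    return {"repository": repo, "workflowName": workflow, "conclusion": conclusion, "createdAt": created}

SAMPLE_RUNS = [  # constructed data, not real workflow runs
    run("acme/api", "Deploy production", "success", "2024-05-01T10:00:00Z"),
    run("acme/api", "Deploy production", "failure", "2024-05-10T10:00:00Z"),
    run("acme/api", "Deploy production", "failure", "2024-05-11T10:00:00Z"),
    run("acme/web", "Release", "success", "2024-05-11T09:00:00Z"),
    run("acme/web", "Release", "success", "2024-05-12T09:00:00Z"),
    run("acme/web", "Unit tests", "failure", "2024-05-12T10:00:00Z"),  # not a deploy workflow
    run("acme/docs", "Ship docs", "failure", "2024-05-12T10:00:00Z"),  # below MIN_RUNS
]

def deploy_signals(runs, now):
    groups = defaultdict(list)
    for r in runs:
        if re.search(DEPLOY_WORKFLOW_MATCH, r["workflowName"]):
            groups[(r["repository"], r["workflowName"])].append(r)
    report = []
    for (repo, workflow), items in groups.items():
        if len(items) < MIN_RUNS:
            continue  # too few runs to judge
        items.sort(key=lambda r: ts(r["createdAt"]))
        failed = [r["conclusion"] == "failure" for r in items]
        fail_pct = round(100.0 * sum(failed) / len(items), 1)
        # Unresolved streak: failures at the tail with no later non-failure run.
        streak = next((i for i, f in enumerate(reversed(failed)) if not f), len(failed))
        good = [ts(r["createdAt"]) for r in items if r["conclusion"] == "success"]
        days = (now - max(good)).days if good else None
        level = ("critical" if fail_pct >= FAIL_CRITICAL_PERCENT
                 else "warn" if fail_pct >= FAIL_WARN_PERCENT else "ok")
        report.append({"repo": repo, "workflow": workflow, "fail_percent": fail_pct, "fail_level": level,
                       "unresolved_streak": streak, "days_since_success": days, "stale": days is None or days > STALE_SUCCESS_DAYS})
    return sorted(report, key=lambda g: (-g["unresolved_streak"], -g["fail_percent"]))

if __name__ == "__main__":
    print(*deploy_signals(SAMPLE_RUNS, ts("2024-05-12T12:00:00Z")), sep="\n")
```

A workflow with a low overall failure rate can still carry an unresolved streak or a stale last success, which is why the three signals are reported separately here.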