github-actions-self-hosted-risk-audit

Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "github-actions-self-hosted-risk-audit" with this command: npx skills add daniellummis/github-actions-self-hosted-risk-audit

GitHub Actions Self-Hosted Risk Audit

Use this skill to flag risky workflow patterns when jobs run on self-hosted GitHub Actions runners.

What this skill does

  • Scans workflow YAML files (.github/workflows/*.yml by default)
  • Detects workflows that reference self-hosted runners
  • Flags high-risk trigger combinations (pull_request_target, pull_request, issue_comment)
  • Flags broad/self-hosted-only runner selection (no extra routing labels)
  • Flags workflows with write-capable permissions in self-hosted contexts
  • Flags actions/checkout steps that do not set persist-credentials: false
  • Supports text/json output and CI fail gate

Inputs

Optional:

  • WORKFLOW_GLOB (default: .github/workflows/*.y*ml)
  • TOP_N (default: 20)
  • OUTPUT_FORMAT (text or json, default: text)
  • WARN_SCORE (default: 4)
  • CRITICAL_SCORE (default: 8)
  • WORKFLOW_FILE_MATCH / WORKFLOW_FILE_EXCLUDE (regex, optional)
  • FAIL_ON_CRITICAL (0 or 1, default: 0)

Run

Text report:

WORKFLOW_GLOB='.github/workflows/*.yml' \
WARN_SCORE=4 \
CRITICAL_SCORE=8 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

JSON output + fail gate:

WORKFLOW_GLOB='.github/workflows/*.y*ml' \
OUTPUT_FORMAT=json \
FAIL_ON_CRITICAL=1 \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Run against bundled fixtures:

WORKFLOW_GLOB='skills/github-actions-self-hosted-risk-audit/fixtures/*.y*ml' \
bash skills/github-actions-self-hosted-risk-audit/scripts/self-hosted-risk-audit.sh

Output contract

  • Exit 0 in reporting mode (default)
  • Exit 1 when FAIL_ON_CRITICAL=1 and one or more workflows are critical
  • Text mode prints summary + top flagged workflows
  • JSON mode prints summary + flagged workflows + critical workflows

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

agent-bom

Security scanner for AI infrastructure and supply chain — discovers MCP clients and servers, scans for CVEs, maps blast radius, generates SBOMs, runs CIS ben...

Registry SourceRecently Updated
0799
msaad00
Security

Skill Guard

Skill Security Scanner - Scan for risks before download/use. Check: code execution, file ops, network requests, command injection, vulnerabilities, permissio...

Registry SourceRecently Updated
014
Profile unavailable
Security

aig-scanner

Comprehensive OpenClaw security scanning powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or sec...

Registry SourceRecently Updated
0142
Profile unavailable