Audit GitHub Actions queue wait hotspots from run/job JSON so CI bottlenecks are visible before they stall merges.
Audit deployment workflow risk from GitHub Actions runs by scoring failure rate, unresolved failure streaks, and time since last successful deploy.
Audit GitHub Actions runs for fail-then-success retry recovery patterns to quantify flaky rerun waste.
Audit GitHub Actions run reliability by actor to surface high-risk contributors and flaky automation owners.
Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks.
Audit manual GitHub Actions trigger dependence by workflow/event to flag automation gaps and intervention risk.
Security auditing for git commits, repos, and skills before publishing. Run automatically before any `git commit`, `git push`, or `clawhub publish`. Detects...
Audit GitHub merge queue workflow health with failure-rate, queue-latency, and stale-success risk scoring.
Audit cancelled and timed-out GitHub Actions runs from JSON exports to surface wasted CI minutes and noisy workflows.
Audit GitHub Actions artifact storage usage from JSON exports so bloated artifacts are flagged before they inflate CI cost.
--- name: audit-code description: Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities disable-model-invocation: true allowed-tools: Read, Glob, Grep, Bash c
Audit failing GitHub Actions runs by actor ownership to expose who/workflow combinations generate the most CI noise and wasted minutes.
Audit GitHub Actions workflow files for secret exposure risks like pull_request_target secret usage, secret echo commands, and unpinned action secret passing.
Audit pull-request and merge-queue GitHub Actions reliability by scoring failure rate, queue latency, and stale-success risk for merge gates.
Audit GitHub Actions failure timing by day/hour to surface recurring outage windows and staffing hotspots.
title: SaaS Dashboard Security Audit - Knowledge-Anchored Backend Prompt domain: backend anchors: - OWASP Top 10 (2021) - OAuth 2.0 / OIDC - REST Constraints (Fielding) - Security Misconfigura
Audit GitHub Actions cloud auth workflows for OIDC hardening gaps like missing id-token write permissions, static cloud secrets, and floating auth action refs.
Audits your listing against top competitors to identify key copy and proof gaps, prioritizing actionable rewrites to improve conversion and competitiveness.
Audit GitHub Actions job runtime risk against timeout thresholds so near-timeout jobs get fixed before they fail CI.
Audit GitHub Actions mainline branch reliability by scoring failure rate, consecutive failures, and stale-success risk for critical workflows.
Audit GitHub Actions rerun dependency and success-after-rerun effectiveness to highlight workflows wasting CI time.
Audit GitHub Actions workflow conclusion volatility to surface unstable pipelines before they become chronic failures.
Audit GitHub Actions reliability by commit SHA to surface risky commits causing repeated workflow failures across branches.
Audit GitHub Actions run health by trigger event and workflow so flaky or noisy automation sources are easy to prioritize.