Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From acc
Detects CI/CD antipatterns in GitHub Actions workflows, identifying performance bottlenecks, security risks, maintenance issues, and reliability problems with remediation guidance.
npx claudepluginhub dykyi-roman/awesome-claude-code --plugin accHow this skill is triggered — by the user, by Claude, or both
Slash command
/acc:detect-ci-antipatternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Detects common CI/CD antipatterns and provides remediation guidance.
Analyzes GitHub Actions and GitLab CI configurations for structure issues, caching efficiency, security risks, performance optimizations, and best practices. Useful for auditing and improving CI/CD pipelines.
Audit an existing CI/CD pipeline for slowness, security issues, and reliability gaps. Use when asked to "audit pipeline", "why is CI slow", "pipeline review", or "deployment review".
Audits CI/CD pipelines for slowness, security issues, and reliability gaps in GitHub Actions, GitLab CI, CircleCI, Jenkins, and Docker setups. Use for 'audit pipeline', slowdowns, or deployment reviews.
Share bugs, ideas, or general feedback.
Detects common CI/CD antipatterns and provides remediation guidance.
.github/workflows/*.yml)| ID | Antipattern | Detection | Category |
|---|---|---|---|
| PERF-001 | Sequential jobs | needs on independent jobs | Performance |
| PERF-002 | No caching | Missing actions/cache | Performance |
| PERF-003 | Duplicate installs | Multiple composer install | Performance |
| SEC-001 | Secrets in logs | echo.*secrets\. | Security |
| SEC-002 | Mutable actions | uses:.*@(main|master|v\d)$ | Security |
| SEC-003 | No permissions | Missing permissions: | Security |
| SEC-004 | Unsafe PR target | pull_request_target + untrusted checkout | Security |
| MAINT-001 | Duplicated config | Similar job definitions | Maintenance |
| MAINT-002 | Hardcoded values | Repeated version strings | Maintenance |
| MAINT-003 | No workflow reuse | Identical steps across workflows | Maintenance |
| REL-001 | No timeouts | Missing timeout-minutes | Reliability |
| REL-002 | No health checks | Services without options: | Reliability |
| REL-003 | No retry | Network ops without retry logic | Reliability |
| Category | Severity |
|---|---|
| Security (SEC-*) | Critical |
| Performance (PERF-*) | Major |
| Reliability (REL-*) | Major |
| Maintenance (MAINT-*) | Minor |
# CI Antipattern Analysis
**File:** `.github/workflows/ci.yml`
**Total Antipatterns:** N
## Summary by Category
| Category | Count | Impact |
|----------|-------|--------|
| Performance | N | +X min/build |
| Security | N | Risk level |
| Maintenance | N | Technical debt |
| Reliability | N | Flaky builds |
## Detected Antipatterns
### [ID]: [Title]
**Severity:** Critical/Major/Minor
**Impact:** [Specific impact]
**Location:** Lines X-Y
**Current:**
[Problematic configuration]
**Fix:**
[Corrected configuration]
## Estimated Improvements
| Metric | Before | After | Improvement |
|--------|--------|-------|-------------|
| Build time | X min | Y min | -Z% |
| Security score | C | A | +N grades |
## Remediation Priority
1. **Immediate:** Security issues
2. **This sprint:** Performance issues
3. **Next sprint:** Maintenance issues
Provide:
The detector will:
references/patterns.md — detailed antipattern examples with problematic and fixed YAML configurations for all categories (Performance, Security, Maintenance, Reliability)