Want the patterns that close all of these?
The Cut Your CI Bill cookbook covers all 30 of the patterns this engine looks for, plus 5 paste-ready hardened workflow templates. Companion to ci-doctor. $19, one-time, MIT-licensed templates.
GitHub Actions audit, in your browser no upload
Paste or drop a workflow YAML. The audit runs entirely in your browser — same engine as the ci-doctor CLI on npm. Catches missing concurrency, missing timeouts, expensive runners, unpinned actions, missing permissions, wide triggers, no cache hint, and more. Nothing leaves this page.
Engine: ci-doctor --
Want the dollar number too?
This page tells you what is wrong. To see what it costs, paste the same workflow into budget — matrix expansion, real GitHub-hosted runner pricing, monthly projection.
Or run the audit in CI
npx ci-doctor # audit
npx ci-doctor --fix # apply safe fixes in place
npx ci-doctor --sarif > out.sarif # for GitHub Code Scanning
This audit page runs in your browser using a 119 KB bundle of the same
rules engine that ships in ci-doctor on npm. Source on
GitHub. MIT.