Missing required secrets
VERCEL_TOKEN
GitHub Actions reusable workflow env
Compare caller mappings with a workflow_call contract.
Paste the reusable workflow declaration and the caller job. The checker flags missing required inputs, missing secrets, unknown keys, secret-like values under with, and the boundary around secrets: inherit.
Workflow snippets
No GitHub tokenDo not paste GitHub tokens, repository secrets, or live credential values. This page compares YAML keys and mapping names only.
Mapping result
fail
Required reusable workflow inputs or secrets are not mapped by the caller.
Declared inputs2
Declared secrets1
Missing inputs0
Missing secrets1
Boundary to review
The caller maps keys that are not declared by the reusable workflow contract.
Boundary to review
Secret-like names appear under with:. Move sensitive values to workflow_call secrets.
Detected keys
Caller with
api_tokenenvironment
Caller secrets
None detected.
Safe report
GitHub Actions reusable workflow env check Status: fail Summary: Required reusable workflow inputs or secrets are not mapped by the caller. Declared inputs: environment (required), node-version Declared secrets: VERCEL_TOKEN (required) Caller with keys: api_token, environment Caller secrets keys: none Missing required inputs: none Missing required secrets: VERCEL_TOKEN Unknown inputs: api_token Unknown secrets: none Secret-like with keys: api_token Warnings: - The caller maps keys that are not declared by the reusable workflow contract. - Secret-like names appear under with:. Move sensitive values to workflow_call secrets. Checklist: - Keep non-sensitive configuration under workflow_call inputs. - Keep tokens and credentials under workflow_call secrets. - Avoid secrets: inherit unless the reusable workflow is trusted for every secret in scope. - Do not paste GitHub tokens or secret values; compare only YAML keys and mapping names.