GitHub Actions workflows not triggering after organization was flagged

[jamal-jolt]

🏷️ Discussion Type

Question

💬 Feature/Topic Area

Other

Body

Hello! Our organization's GitHub Actions workflows have stopped triggering on push to main. (We haven't made any changes to our workflow files.) I noticed a banner saying our organization has been flagged. Does anyone know if there is a known technical reason why flagging would stop Actions from running, and is there anything we can do on our end to get workflows running again while we wait for support to respond?

[Edwardd-Dev]

Hey! This can happen when an organization gets flagged or temporarily restricted by GitHub.

From what I’ve seen, when an org is flagged, GitHub may silently disable or limit GitHub Actions execution, especially for security/abuse prevention reasons.

Here are a few things!!!

✅ 1. Check Actions settings at org level

Go to:
Organization Settings → Actions → General

Make sure:

Actions are enabled for the organization
“Allow all actions and reusable workflows” is selected
✅ 2. Verify repository-level settings

In the affected repository:
Settings → Actions → General

Ensure Actions are enabled
Check if workflows are restricted
✅ 3. Check if workflows are being skipped

Sometimes workflows don’t trigger due to:

[skip ci] or [ci skip] in commit messages
Incorrect branch filters (on: push: branches:)
✅ 4. Try manual trigger

If you have workflow_dispatch enabled, try triggering it manually from the Actions tab.

If it doesn’t run, that’s a strong sign the org restriction is the issue.

⚠️ 5. Flagged organization limitation

If your organization was flagged, GitHub may:

Block Actions runs
Delay workflow execution
Restrict CI/CD features

In this case, there’s usually nothing you can do except wait for GitHub Support.

💡 Temporary workaround

If it’s urgent:

Try running workflows in a personal fork (outside the organization)
Or mirror the repo to another org

Hope this helps — in most cases this is not a workflow issue, but a restriction applied to the organization itself.

Good Luck -- Edwardd-Dev

[itxashancode]

GitHub Actions Workflows Stopped After Organization Flagged

When an organization is flagged by GitHub (typically for suspected policy violations like spam, abuse, or suspicious activity), GitHub may restrict or suspend GitHub Actions as a preventive measure. This is a common enforcement action and explains why your workflows stopped triggering without any changes to the files.

Why Flagging Stops Actions

GitHub's enforcement can include:

• Suspending all Actions in the organization
• Blocking specific workflow events (like push or pull_request)
• Restricting access to certain features (e.g., self-hosted runners, third-party actions)

The banner you saw indicates your org is under review. During this period, GitHub often disables automated workflows to prevent abuse of their infrastructure.

Immediate Steps to Diagnose & Prepare

1. Check Organization Moderation Status

Go to your organization's settings:

Settings > Moderation > Policy enforcement

Look for any active restrictions. If Actions are suspended, you'll see a notice here and in the banner.

2. Verify Repository-Level Actions Settings

Even if the org is flagged, individual repo settings might be overridden:

• Navigate to each affected repository: Settings > Actions > General
• Ensure "Allow all actions and reusable workflows" is selected (or at least not set to "Disable all actions")
• Check if "Workflow permissions" are set correctly (Read/Write as needed)

Important: If the org-wide restriction is active, these repo settings may be grayed out or overridden.

3. Review Audit Logs for Policy Violations

If you have org admin access:

Settings > Audit log

Filter by:

• action:repository.disable_github_actions_workflow
• action:org.disable_github_actions
• action:workflow.workflow_disabled

This shows exactly when and why Actions were restricted. Look for entries mentioning "policy violation" or "abuse."

4. Confirm Workflow Syntax (Quick Check)

While unlikely the cause (since nothing changed), verify your workflow still has correct on: triggers:

name: Example Workflow
on:
  push:
    branches: [ main ]
  # ... other events

If you only see workflow_dispatch without push, that would explain no triggering—but your description suggests this is a new issue.

5. Check for Restricted Actions

If your workflows use third-party actions (e.g., actions/checkout@v3), GitHub may have flagged them as suspicious. Review your workflow files for:

• Actions from unknown/unverified publishers
• Actions that make external network calls
• Self-hosted runners (often restricted during investigations)

Replace any questionable actions with official GitHub-hosted alternatives temporarily.

What You Can Do While Waiting for Support

1. Gather Evidence for Support

   • List affected repositories
   • Screenshot the organization banner and any restriction messages
   • Export relevant audit log entries (as CSV)
   • Note when workflows stopped precisely

2. Submit a Support Ticket

   • Use GitHub's contact form (choose "Report a policy violation appeal")
   • Be specific: "Organization flagged, Actions suspended, workflows not triggering on push"
   • Include org name, repo names, and any error messages from workflow runs (even failed ones show in Actions tab)

3. Temporary Workarounds (If Allowed)
   If Actions remain partially functional:

   • Manually trigger workflows via workflow_dispatch (if enabled)
   • Use GitHub CLI to trigger:

     gh workflow run <workflow-name> -R <owner/repo>

   • Consider moving critical builds to a different, unflagged organization temporarily (if policy allows and you have admin rights)

4. Prevent Future Flags
   While resolving:

   • Avoid mass commits from new/unverified accounts
   • Don't use Actions for cryptocurrency mining or scraping
   • Review GitHub's Acceptable Use Policies

Expected Timeline

• Simple flagging (false positive) may resolve in 24–72 hours after appeal
• Complex investigations can take 1–2 weeks
• GitHub will email updates to org owners

Key Documentation References

• GitHub Actions permissions
• Organization audit log
• Policy enforcement appeals

Bottom line: Flagging directly causes Actions suspension. Your immediate actions are to document restrictions, check settings, and appeal via support with clear evidence. Do not modify workflow files—focus on the org-level issue. Once GitHub lifts the flag, Actions typically resume automatically without further changes.