From claude-agent-dev
Secure GitHub automation and CLI scripting. Expert in GitHub Actions, OIDC, and SHA-pinning. Not for reviewing code quality or correctness (see request-code-review). Trigger on: 'add CI', 'setup release', 'harden workflow', 'gh api', 'github-automation', 'least-privilege permissions', 'OIDC setup'.
Slash command: `/claude-agent-dev:github-automation`
Secure, high-performance GitHub automation.
- evals/evals.json
- references/api-pagination-and-limits.md
- references/headless-auth-patterns.md
- references/oidc-cloud.md
- references/schemas.md
- references/security-hardening.md
- references/topic-map.md
- references/troubleshooting.md
- references/workflow-recipes.md
- scripts/inspect_pr_checks.py
- scripts/lint.py
- scripts/lint.sh
- scripts/pin_actions.py
- scripts/test_lint.py
digraph github_automation {
rankdir=TB;
node [shape=box, style=rounded, fontname="Helvetica"];
edge [fontname="Helvetica", fontsize=10];
Trigger [label="Trigger: Workflow/CLI Request", shape=diamond];
PathA [label="Path A: ACTIONS\n(YAML Workflows)"];
PathB [label="Path B: CLI\n(gh scripts/API)"];
// Path A Flow
ClassifyA [label="1. Classify Intent"];
AuthorA [label="2. Author & Harden\n(SHA-Pinning/OIDC)"];
ValidateA [label="3. Validate & Audit\n(Lint/Security Review)"];
// Path B Flow
ModeB [label="1. Mode Selection\n(Inline vs Script)"];
StandardsB [label="2. Headless Standards\n(Auth/Paginate)"];
SafetyB [label="3. Safety & Idempotency\n(Snapshot/Check existence)"];
Trigger -> PathA [label="yml / CI"];
Trigger -> PathB [label="gh / API"];
Diagnose [label="Handoff:\ndiagnose", style=dashed];
Refactor [label="Handoff:\nrefactor", style=dashed];
PathA -> ClassifyA -> AuthorA -> ValidateA;
PathB -> ModeB -> StandardsB -> SafetyB;
ValidateA -> Diagnose [label="runtime fail", style=dashed];
ValidateA -> Refactor [label="hygiene issue", style=dashed];
SafetyB -> Diagnose [label="script fail", style=dashed];
}
- Never interpolate `${{ github.event... }}` directly into `run:`. WHY: This allows attackers to inject malicious shell commands if they control event data (e.g., PR titles). FIX: Always pipe inputs through `env:`.
- Never use `pull_request_target` to check out a PR head without manual auditing. WHY: It runs with repository secrets and write permissions; checking out untrusted code allows that code to exfiltrate secrets or corrupt the repo.

| Signal | Path |
|---|---|
| `.github/workflows/*.yml`, "add CI", "set up release" | Path A: ACTIONS |
| `gh` script, batch API, headless automation | Path B: CLI |
action: Classify Intent
Identify the workflow type and confirm via AskUserQuestion — the tool supplies a free-text "Other" automatically, so don't add one manually. There are exactly 3 named intents; surface the 2 most plausible as real options rather than padding with a generic one:
✅ Recommended — [CI / Release / Deploy] based on [trigger and context: push vs tag vs environment target].
Alternative — [the next-most-plausible of the remaining two intents] + reason it might apply instead.
Author with Hardening (Non-Negotiable):
- Replace `@v4` with `@<full_sha>`.
  `python3 scripts/pin_actions.py path/to/workflow.yml`
- `contents: read`. Widen only where needed.
- `id-token: write` and cloud OIDC actions (AWS, GCP, Azure, HashiCorp Vault).

Validate:
  `python3 scripts/lint.py path/to/workflow.yml`

Audit: Dispatch general-purpose subagent for semantic security review.
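The two anti-patterns and the hardening steps above (SHA pinning, explicit permissions) can be checked mechanically. The following is an added example, not the skill's own `scripts/lint.py`; the `audit` function, its regexes and the sample workflow are constructed for illustration, and the 40-character SHA is a placeholder.

```python
import re

# Added example: a minimal line-based audit, not the skill's scripts/lint.py.
RUN = re.compile(r"^(\s*(?:-\s*)?)run:(.*)$")
EVENT_EXPR = re.compile(r"\$\{\{\s*github\.(?:event\.|head_ref)[^}]*\}\}")
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s#]+)")
FULL_SHA = re.compile(r"@[0-9a-f]{40}$")
PR_HEAD_REF = re.compile(r"^\s*ref:.*github\.(?:event\.pull_request\.head|head_ref)")

def audit(workflow: str) -> list[str]:
    """Return findings for the four hardening rules, in line order."""
    findings = []
    if not re.search(r"^permissions:", workflow, re.M):
        findings.append("workflow: no top-level permissions: block")
    privileged = "pull_request_target" in workflow
    run_col = None  # column of the current run: key, None outside a run block
    for no, line in enumerate(workflow.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        m = RUN.match(line)
        if m:
            run_col = len(m.group(1))
        elif run_col is not None and line.strip() and indent <= run_col:
            run_col = None  # dedent: the run: scalar has ended
        if run_col is not None and EVENT_EXPR.search(line):
            findings.append(f"line {no}: event data interpolated into run:")
        u = USES.match(line)
        if u and not u.group(1).startswith("./") and not FULL_SHA.search(u.group(1)):
            findings.append(f"line {no}: {u.group(1)} not pinned to a full SHA")
        if privileged and PR_HEAD_REF.match(line):
            findings.append(f"line {no}: pull_request_target checks out PR head")
    return findings

# Constructed sample: steps 1-2 break the rules, steps 3-4 follow them.
SAMPLE = """\
on: pull_request_target
jobs:
  greet:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: echo "${{ github.event.pull_request.title }}"
      - run: echo "$TITLE"
        env:
          TITLE: ${{ github.event.pull_request.title }}
      - uses: actions/setup-python@0123456789abcdef0123456789abcdef01234567
"""
```

`audit(SAMPLE)` reports the missing `permissions:` block and lines 6, 8 and 9; the `env:` indirection on lines 10-12 and the SHA-pinned action on line 13 produce no findings.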
action: Mode Selection
Identify the execution mode and confirm via AskUserQuestion — the tool supplies a free-text "Other" automatically, so don't add one manually:
✅ Recommended — [Inline Command / Headless Script] based on [one-shot vs repeatable/batch complexity].
Alternative — [the other mode] + the condition under which it would actually be preferable.
Headless Standards:
- `GH_PROMPT_DISABLED=1`.
- `gh auth status` before mutation.
- `gh api --paginate` with `--jq` for structured output.

Safety: Snapshot IDs before batch mutations. Add jitter/sleep for write loops.
Idempotency: Check existence before POST; prefer PATCH.
- `permissions:` set explicitly (no reliance on defaults).
- `pin_actions.py`.
- `env:`, never `run:` interpolation.
- `pull_request_target` audited for PR head checkout (Forbidden).

next skills:
- verification-before-completion: After updating workflows or automation scripts, to verify they pass linting and initial validation before committing.
- diagnose: If any `gh` or automation script fails at runtime, to root-cause the error trace rather than patching it blind.
- refactor: If validation/audit flags a structural or hygiene issue (not a runtime failure) in the workflow/script.

- diagnose or refactor based on blocking issue type.
- `gh` or automation script fails, immediately hand off to diagnose with the error trace.
npx claudepluginhub j0hanz/claude-agent-dev-plugin