Professional GitHub workflow skill for AI agents. Covers full project lifecycle: repo setup, Git Flow branching, atomic commits, pull requests, code review,...
Security Analysis
medium confidenceThis is a coherent GitHub workflow guide, but it gives an agent broad authority to use your GitHub account and change repositories, so it should be reviewed before installation.
The GitHub workflow purpose matches the documented commands, but the skill covers high-impact repository actions such as creating issues/PRs, merging PRs, changing branch protection, setting secrets, releases, workflows, and repo deletion/archive commands.
The skill uses mandatory directives and broad trigger language for many project-related terms, which could cause the agent to apply this workflow more broadly than a user expects.
There is no install script or code execution package; this is an instruction-only skill and the static scan had no code to analyze.
Local command use, cloning into ~/workspace/projects, and GitHub CLI operations are proportionate for a GitHub workflow skill, but they affect local repositories and remote GitHub state.
The skill relies on GitHub CLI authentication or GITHUB_TOKEN and maintains persistent work logs for session continuity; both are disclosed, but users should understand the account and task-state implications.
Guidance
Install this only if you want an agent to help manage GitHub repositories. Before use, confirm the target repo, use a low-privilege GitHub token, and require explicit approval before the agent writes to GitHub, changes settings, sets secrets, approves PRs, merges, publishes releases, triggers workflows, archives, or deletes anything.
Latest Release
v1.3.4
- Removed incorrect `⚠️ CONFIRM WITH USER` warning from `gh issue create` in `api-queries.md` — creating an issue is non-destructive and reversible, the warning was inconsistent with the rest of the skill's confirmation policy
More by @kretkas
Published by @kretkas on ClawHub
