harden-github-actions

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill's primary function is to guide the user through security hardening of GitHub Actions workflows, utilizing trusted auditing tools and standard security practices.
  • [COMMAND_EXECUTION]: The instructions direct the agent to modify project-specific setup and CI scripts (e.g., bin/setup, bin/ci) to automate security checks. These actions are transparent and aligned with development environment standards.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of widely recognized security tools, including actionlint, shellcheck, and zizmor, through official system package managers.
  • [COMMAND_EXECUTION]: The workflow involves using the GitHub CLI to obtain a token for zizmor's online auditing features, which is a legitimate use case for validating action integrity.
  • [SAFE]: The skill provides detailed decision guidelines for various security rules (e.g., template-injection, excessive-permissions) based on established industry best practices for CI/CD security.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 01:51 PM