
github-cleanup

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the gh CLI extensively to perform read-only audits and authorized modifications to GitHub repository settings, workflows, and action secrets.
  • [EXTERNAL_DOWNLOADS]: Retrieves a text-based version mapping file from a public repository (simonw/actions-latest) to compare local Action pins against the latest available versions.
  • [REMOTE_CODE_EXECUTION]: Recommends the use of local package managers such as npm or uv to prune unused dependencies or update lock files based on audit findings. These operations are presented for user approval before execution.
  • [CREDENTIALS_UNSAFE]: Instructs the user on how to manually elevate their GitHub CLI permissions (delete_repo scope) when they explicitly choose to delete repositories, ensuring the agent does not possess these permissions by default.
  • [PROMPT_INJECTION]: Reads and processes external data from GitHub (repository names, workflow YAML files) which could theoretically contain malicious instructions; however, the skill mitigates this risk by requiring human verification and using structured parsing for all data analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 02:04 PM
Security Audit — agent-trust-hub — github-cleanup