gha-style
CommunityEnforce secure and reliable GitHub Actions workflows.
Authorfuredea
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps developers implement security best practices and operational standards in GitHub Actions workflows, reducing risks and improving CI/CD reliability.
Core Features & Use Cases
- Permission Management: Guides on whitelisting permissions to restrict access scope, preventing over-permissioned tokens.
- Version Pinning Enforcement: Advises on pinning specific action versions or commits to ensure reproducibility and security.
- Script Injection Prevention: Demonstrates safe handling of untrusted inputs to avoid shell command injection.
- Timeout & Shell Settings: Recommends explicit timeout and shell configurations for stable executions.
- Concurrency Control: Shows how to cancel redundant runs for efficient workflow executions.
- Runner Optimization: Introduces alternative runners like Blacksmith for faster job execution.
Quick Start
Configure your GitHub Actions workflow to explicitly set permission levels, specify exact action versions, and handle inputs safely to improve security and efficiency.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: gha-style Download link: https://github.com/furedea/dotfiles/archive/main.zip#gha-style Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.