Loading...
Loading...
Found 224 Skills
Use this skill when setting up CI/CD pipelines, configuring GitHub Actions, implementing deployment strategies, or automating build/test/deploy workflows. Triggers on GitHub Actions, CI pipeline, CD pipeline, deployment automation, blue-green deployment, canary release, rolling update, build matrix, artifacts, and any task requiring continuous integration or delivery setup.
Comprehensive guide for setting up and configuring CodeQL code scanning via GitHub Actions workflows and the CodeQL CLI. This skill should be used when users need help with code scanning configuration, CodeQL workflow files, CodeQL CLI commands, SARIF output, security analysis setup, or troubleshooting CodeQL analysis.
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
Prepare, publish, and automate releases for npm packages, especially scoped packages that need package.json fixes, publish scripts, npm dry-run checks, `.env`-managed `NPM_TOKEN` handling, npm org token setup, GitHub Actions secrets, semantic-release workflows, npmjs.org publishing, GitHub Packages publishing, GitHub Releases, or release troubleshooting. Use when Codex needs to make a repo publish-ready, verify what npm will ship, configure automated publishing, or diagnose failures involving package contents, registry auth, 2FA, tokens, tags, changelogs, GitHub Actions, or semantic-release.
CI/CD integration patterns for gh-infra: auto-apply on merge, scheduled drift detection, self-managed vs central-management layouts, and authentication setup for GitHub Actions workflows.
Automated code review and analysis. Use when: user wants to review code changes, check for issues, analyze complexity, or perform security scans.
Design and generate CI/CD pipelines from detected project stack signals. Covers GitHub Actions, GitLab CI, CircleCI, and Buildkite with caching, matrix builds, deployment strategies (blue-green, canary, rolling), environment gates, and security scanning. Use when bootstrapping CI, migrating pipelines, or optimizing build times.
Debug or fix failing GitHub PR checks running in GitHub Actions. Inspects checks/logs via `gh`, drafts a fix plan, and implements only after explicit approval. Out of scope: external CI (e.g. Buildkite) — report only the details URL.
Expert-level CI/CD with GitHub Actions, Jenkins, deployment pipelines, and automation
Compare FinOps metrics across multiple repositories in an organization
Manage releases with semantic-release, version bumps, and changelog generation. Use when preparing releases, debugging release failures, or understanding version history.
CI/CD 流水线配置