skillZs
LIVE SKILL TAGS
>>> LIVE SKILLS INDEX <<<
* OPEN SOURCE *
NO LOGIN, NO TRACKING
REAL INSTALL DATA
← back to all skills
paulrberg/agent-skills2.2k installs

cli-gh

Use for GitHub CLI automation: repository reads, workflow runs, search, codespaces, releases, configuration, or gh command syntax. Use yeet for contribution writes to PRs, issues, comments, or discussions.

How do I install this agent skill?

npx skills add https://github.com/paulrberg/agent-skills --skill cli-gh
view source ↗

Is this agent skill safe to install?

  • Gen Agent Trust Hubpass

    This skill provides expert guidance and automation for the GitHub CLI (gh). It includes several shell scripts for automating common DevOps tasks such as pull request management, issue triage, and release workflows. While the skill is professionally authored and includes explicit safety rules against destructive operations, its automation scripts process untrusted external data from GitHub (such as issue and pull request content), which introduces a surface for indirect prompt injection. Additionally, the skill provides documentation for managing sensitive credentials and installing third-party extensions.

  • Socketpass

    No alerts

  • Snykwarn

    Risk: MEDIUM · 1 issue

  • Runlayerwarn

    9/9 files flagged

  • ZeroLeakspass

    Score: 93/100 · 2 sections analyzed

What does this agent skill do?

GitHub CLI

Route GitHub CLI work through current gh help and load only the reference for the active task.

Boundary with yeet

Use yeet when the requested outcome is to create or update a pull request, issue, issue comment, or discussion. yeet owns semantic analysis, repository templates, Paul's writing voice, idempotency, and direct posting. Use this skill for read-only GitHub inspection, command syntax, searches, workflow operations, codespaces, releases, configuration, and other GitHub automation.

Authority

  • Read and inspect without confirmation.
  • Execute reversible or ordinary GitHub writes only when the user explicitly requested that outcome.
  • Never delete repositories, releases/assets, workflow runs/caches, secrets/variables, keys, codespaces, extensions, or gists.
  • Label deletion is the sole destructive exception: show the target repo, exact labels, commands, and issue/PR impact, then require approval in a subsequent message before gh label delete ... --yes.
  • Route repository renames through repo-rename so GitHub and local continuity change together.

Workflow

  1. Resolve the repository explicitly when cwd is ambiguous. Let the first required read-only command validate authentication; run gh auth status only for auth diagnosis.

  2. Inspect gh <command> <subcommand> --help for the installed version before relying on flags or JSON fields. Prefer --json plus --jq for machine-readable results.

  3. Load only the relevant reference:

    TaskReference
    Workflow runs, checks, logsreferences/workflows-actions.md
    Releasesreferences/releases.md
    Searchreferences/search.md
    JSON fields and jqreferences/json-output.md
    Labelsreferences/labels.md
    Codespacesreferences/codespaces.md
    Discussions syntax (not authored contribution workflow)references/discussions.md
    Gistsreferences/gists.md
    Aliases, API, extensions, org/projects, secrets, rulesetsreferences/advanced-features.md
    Reusable automation patternsreferences/automation-workflows.md
    Failures and auth/rate limitsreferences/troubleshooting.md
  4. Preview commands that have broad write scope. After a requested write, fetch the resulting resource and report its URL or stable identifier.

Completion requires the requested GitHub state or data plus command/output evidence. On a partial or ambiguous write failure, check whether the resource changed before retrying.

Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.

<a href="https://skillzs.dev/skills/paulrberg/agent-skills/cli-gh">View cli-gh on skillZs</a>