Does this skill require a GitHub App?

Yes, you must have a GitHub App created and installed on your target repositories or organization to use these token generation patterns.

When should I use an installation token instead of GITHUB_TOKEN?

Use installation tokens when your workflow needs to access repositories other than the one where the workflow is running, or when performing organization-wide discovery tasks.

Can I use these tokens to perform actions as a specific user?

No, installation tokens perform actions as a 'bot' associated with the GitHub App. For user-attributed actions, you should use OAuth tokens instead.

How long do the generated tokens remain valid?

Tokens generated using these patterns are short-lived and expire automatically after 1 hour, significantly reducing the risk of credential leakage.

GitHub Installation Token Generation

Name: GitHub Installation Token Generation
Author: adaptive-enforcement-lab

byadaptive-enforcement-lab

Despliegue y DevOps

Generates short-lived GitHub App installation tokens to securely automate cross-repository workflows and organization-wide CI/CD operations.

Acerca de

This skill provides standardized implementation patterns for generating GitHub App installation tokens, enabling secure and automated repository operations without human intervention. It streamlines the process of authenticating workflows across multiple repositories or entire organizations while adhering to security best practices through 1-hour token expiration and granular scoping. By using these patterns, developers can move away from risky Personal Access Tokens (PATs) and implement the principle of least privilege for automated bot actions, repository discovery, and policy enforcement.

Características Principales

Granular repository and organization-level scoping
Standardized GitHub App integration patterns
Short-lived (1-hour) secure credential management
Automated bot-attributed action configuration
Cross-repository automation authentication
0 GitHub stars

Casos de Uso

Orchestrating CI/CD pipelines that require access to multiple private repositories
Dynamic repository targeting and discovery for maintenance workflows
Automating organization-wide security audits or policy enforcement scripts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills installation-token-generation

For use in Claude.ai and ChatGPT

Download Skill

GitHub