What is the GitHub Actions Conventions skill?

It is a specialized capability for Claude that provides standardized guidelines for writing, reviewing, and optimizing GitHub Actions CI/CD workflows.

Which shells does this skill recommend for scripts?

The skill recommends explicitly specifying 'bash' for most scripts to ensure cross-platform consistency and avoid the limitations of the default 'sh' shell.

How does it improve workflow security?

It enforces the principle of least privilege by recommending explicit permission scopes and discouraging the use of broad default permissions.

Does this skill work with existing repositories?

Yes, it includes a specific discovery process to identify and respect existing patterns in your repository while suggesting improvements for security or performance.

Why are naming conventions important for GitHub Actions?

Consistent kebab-case naming for files and descriptive names for steps make workflows easier to debug, more readable for team members, and simpler to manage at scale.

GitHub Actions Conventions

Name: GitHub Actions Conventions
Author: jsamuelsen11

byjsamuelsen11

0•

Deployment & DevOps

Standardizes GitHub Actions workflows through maintainable naming conventions, secure permission scoping, and efficient CI/CD patterns.

This skill provides a comprehensive framework for building and maintaining high-quality GitHub Actions workflows. It enforces best practices for workflow file naming, job structure, and step descriptions while emphasizing security through the principle of least privilege. By following these conventions, developers can reduce debugging time, improve repository consistency, and ensure that CI/CD pipelines are both performant and reliable across diverse projects, whether starting fresh or managing legacy configurations.

Key Features

01Security-first approach with explicit permission scoping and OIDC configuration.

02Intelligent discovery rules for adapting to existing repository patterns safely.

03Best practices for trigger configuration including push, pull request, and manual dispatch.

04YAML style guidelines for shell selection, multi-line scripts, and environment variables.

05Standardized kebab-case naming for workflow files and descriptive step naming.

060 GitHub stars

Use Cases

01Onboarding teams to a unified standard for workflow automation and repository maintenance.

02Setting up a new repository with robust, secure, and performant CI/CD pipelines.

03Auditing and refactoring legacy GitHub Actions for security vulnerabilities and performance issues.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jsamuelsen11/claude-config actions-conventions

For use in Claude.ai and ChatGPT

Download Skill