The Agent Skills Directory

[SAFE] (SAFE): The skill serves as a comprehensive guide for GitHub Actions development. It explicitly includes security hardening documentation in 'references/best-practices.md' that advises users to avoid common pitfalls like 'pull_request_target' misconfiguration and secret logging. All referenced third-party actions are industry standards (e.g., actions/checkout, docker/build-push-action), and the provided templates use 'permissions: read-all' by default to ensure minimal access. No obfuscation, data exfiltration, or unauthorized command execution was found.

github-workflows