skills/testacode/llm-toolkit/github-actions-expert

GitHub Actions Expert

Skill for configuring GitHub Actions, with proactive detection of repos that have no CI.

Proactive Detection

When starting work on a project, check whether .github/workflows/ exists:

ls -la .github/workflows/ 2>/dev/null || echo "NO_WORKFLOWS"

If there are no workflows → ask the user whether they want to add basic CI.

Workflow

Phase 0: Knowledge Update

Before generating any workflow, fetch latest documentation:

  1. Search for latest GitHub Actions docs via Context7 or WebSearch:

    • Current action versions (checkout, setup-node, setup-python, setup-go)
    • Latest Node.js LTS version
    • Recent best practices updates
  2. Version Reference (verify these are current):

    Action                          Current Version
    actions/checkout                v4
    actions/setup-node              v4
    actions/setup-python            v5
    actions/setup-go                v5
    actions/cache                   v4
    actions/upload-pages-artifact   v3
    actions/deploy-pages            v4
  3. Node.js LTS: Verify current LTS version (use WebSearch if unsure)

Phase 1: Stack Detection

Detect project type and tools:

# Detect project type
ls package.json 2>/dev/null && echo "NODE_PROJECT"
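# Either file alone marks a Python project (ls with both names fails if one is missing)
{ ls pyproject.toml 2>/dev/null || ls requirements.txt 2>/dev/null; } && echo "PYTHON_PROJECT"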
ls go.mod 2>/dev/null && echo "GO_PROJECT"

# For Node.js - detect package manager
ls pnpm-lock.yaml 2>/dev/null && echo "PNPM"
ls bun.lockb 2>/dev/null && echo "BUN"
ls package-lock.json 2>/dev/null && echo "NPM"

# Detect Node version
cat .nvmrc 2>/dev/null || grep -A2 '"engines"' package.json 2>/dev/null

Phase 2: Script Analysis (Node.js)

Read package.json using Read tool and detect available scripts.

Look for the scripts section and identify which scripts exist.

Common scripts to check:

  • lint → Include linting step
  • typecheck → Include type checking
  • test → Include testing
  • build → Include build step
  • test:coverage → Include coverage upload

Phase 3: Workflow Selection

Present options based on detected stack:

For Node.js:

  • Basic CI (lint, typecheck, test, build)
  • Deploy to GitHub Pages
  • Release with Tags (v*)
  • Security Scans
  • Coverage Upload (Codecov)

For Python:

  • Basic CI (ruff, pyright/mypy, pytest)
  • Coverage Upload

For Go:

  • Basic CI (go vet, golangci-lint, go test)
  • Release binaries

Phase 4: Generate Workflows

Load templates from references/ and customize:

  1. Replace placeholders:

    • {{NODE_VERSION}} → Detected or default (22.x)
    • {{PACKAGE_MANAGER}} → npm/pnpm/bun
    • {{INSTALL_COMMAND}} → npm ci / pnpm install --frozen-lockfile / bun install
    • {{BRANCH}} → main/master (auto-detect)
    • {{SCRIPTS}} → Based on available scripts
  2. Always include:

    • Concurrency control
    • Caching for dependencies
    • fail-fast strategy
  3. Create .github/workflows/ if needed:

    mkdir -p .github/workflows
    

Phase 5: Improve Existing Workflows

If workflows exist, analyze for anti-patterns:

cat .github/workflows/*.yml

Anti-patterns to detect:

Anti-Pattern                 Fix
actions/*@v3                 Update to @v4
setup-node without cache     Add cache: 'npm'
npm install                  Use npm ci
No concurrency:              Add concurrency control
Matrix with single version   Remove unnecessary matrix
Missing fail-fast: true      Add explicit fail-fast

See references/anti-patterns.md for full guide.
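
A first pass over the table above can be automated with grep. The script below is an added example, not part of the skill or its references/ directory; scan_workflow and the finding labels are hypothetical names, and the sample workflow is constructed.

```bash
# Added example: line-based heuristic, not a YAML parser.
# scan_workflow and the finding labels are hypothetical names.
scan_workflow() {
  wf="$1"
  # First-party action still on the @v3 major tag.
  grep -Eq 'uses:[[:space:]]*actions/[A-Za-z0-9_-]+@v3([^0-9]|$)' "$wf" && echo "OLD_ACTION_VERSION"
  # setup-node present but no cache: input anywhere in the file.
  if grep -q 'actions/setup-node@' "$wf" && ! grep -Eq '^[[:space:]]*cache:' "$wf"; then
    echo "SETUP_NODE_NO_CACHE"
  fi
  # Bare "npm install"; the leading guard keeps "pnpm install" from matching.
  grep -Eq '(^|[^[:alnum:]])npm install([[:space:]]|$)' "$wf" && echo "NPM_INSTALL"
  # No concurrency: key at workflow or job level.
  grep -Eq '^[[:space:]]*concurrency:' "$wf" || echo "NO_CONCURRENCY"
  # Assumption: fail-fast is only expected where a strategy: block exists.
  if grep -Eq '^[[:space:]]*strategy:' "$wf" && ! grep -Eq '^[[:space:]]*fail-fast:' "$wf"; then
    echo "NO_FAIL_FAST"
  fi
  return 0
}

# Constructed sample workflow (not from a real repository).
sample="$(mktemp)"
cat > "$sample" <<'EOF'
name: CI
on: [push, pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node: [20.x, 22.x]
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node }}
      - run: npm install
      - run: npm test
EOF
scan_workflow "$sample"
rm -f "$sample"
```

The single-version matrix case from the table is not covered; it needs a real YAML parser to count matrix entries.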

Phase 6: Verification

After generating:

  1. Validate YAML (if actionlint available):

    which actionlint && actionlint .github/workflows/*.yml
    
  2. Check required permissions:

    • GitHub Pages → pages: write, id-token: write
    • Releases → contents: write
    • PRs → pull-requests: write
  3. Show summary:

    Workflows Created/Updated
    =========================
    
    ✓ .github/workflows/ci.yml
      - Triggers: push (main), pull_request
      - Jobs: lint, typecheck, test, build
      - Node: 22.x with npm
    
    Next Steps:
    1. Review generated workflows
    2. git add .github/workflows/
    3. git commit -m "ci: add GitHub Actions workflow"
    4. Push to trigger first run
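
The permission check in step 2 can be scripted. The following is an added example, not code from the skill; the function names and the pages/release/pr labels are hypothetical, and the sample workflow is constructed.

```bash
# Added example; function names and the pages/release/pr labels are hypothetical.

# Scopes granted "write" inside any permissions: mapping (workflow or job level).
declared_write_scopes() {
  awk '
    { match($0, /^ */); ind = RLENGTH }
    inblk && NF && ind <= base { inblk = 0 }          # dedent closes the mapping
    inblk && $2 == "write" { sub(/:$/, "", $1); print $1 }
    /^ *permissions: *$/ { inblk = 1; base = ind }
  ' "$1"
}

# Required scopes per workflow kind, as listed in the checklist above.
required_scopes() {
  case "$1" in
    pages)   echo "pages id-token" ;;
    release) echo "contents" ;;
    pr)      echo "pull-requests" ;;
    *)       return 2 ;;
  esac
}

# Print one MISSING line per required scope the workflow does not grant.
missing_scopes() {
  declared="$(declared_write_scopes "$2")"
  for scope in $(required_scopes "$1"); do
    printf '%s\n' "$declared" | grep -qxF -- "$scope" || echo "MISSING $scope: write"
  done
  return 0
}

# Constructed sample: a Pages deploy workflow that forgot id-token: write.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
on:
  push:
    branches: [main]
permissions:
  contents: read
  pages: write
jobs:
  deploy:
    steps:
      - uses: actions/deploy-pages@v4
EOF
missing_scopes pages "$sample"
rm -f "$sample"
```

Only block-style permissions: mappings are parsed; shorthand values on the same line as the key are not handled.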
    

Templates Reference

Templates are in references/ directory:

Template                  Description
nodejs-ci.yml             Standard CI with lint/typecheck/test/build
nodejs-deploy-pages.yml   Deploy to GitHub Pages
nodejs-release.yml        Release on tag push (v*)
python-ci.yml             Python CI with uv/pip, ruff, pytest
go-ci.yml                 Go CI with vet, lint, test
security.yml              npm audit + secrets scanning

Best Practices Enforced

  1. Always use latest action versions (@v4 for most)
  2. Use npm ci over npm install for reproducible builds
  3. Enable caching in setup-node/setup-python/setup-go
  4. Add concurrency control to cancel outdated runs
  5. Use fail-fast: true to cancel parallel jobs on failure
  6. Specify permissions explicitly when needed
  7. Use Node 22.x (current LTS)

Concurrency Control Template

Always include in workflows:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

This cancels outdated PR runs but never cancels main branch runs.

Package Manager Detection

Lockfile            Package Manager   Install Command
pnpm-lock.yaml      pnpm              pnpm install --frozen-lockfile
bun.lockb           bun               bun install --frozen-lockfile
package-lock.json   npm               npm ci
None                npm               npm ci (after npm install generates lock)

Branch Detection

# Detect default branch
git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@'
# Or fallback
git branch -r | grep -E 'origin/(main|master)' | head -1 | sed 's@origin/@@'

First Seen: Jan 25, 2026