Skills
skills/tkersey/dotfiles/join

join

SKILL.md

Join

Intent

Run a continuous PR operator using gh commands only. Keep PRs created, green, and merge-ready with minimal-incision fixes. Do not approve or merge PRs unless explicitly instructed by the user.

Command boundary (hard rule)

  • Use only gh CLI commands (gh pr, gh run, gh api, gh repo).
  • Do not run git or any non-gh command.
  • If a required action cannot be completed with gh alone, apply auto:hold and leave a blocking comment.

Quick start

  1. Ensure gh auth status succeeds.
  2. Ensure labels exist: auto:manage, auto:hold.
  3. Start the monitor loop.

Auth preflight (required)

  • Run these checks before any PR routing or mutation:
    • gh auth status
    • gh repo view <owner>/<repo> --json nameWithOwner --jq .nameWithOwner
  • If either check fails:
    • Fail fast for the current run.
    • Apply auto:hold on affected PRs (or emit hold outcome in cloud loop when no PR is selected yet).
    • Record reason as auth_unavailable.

Label contract

  • auto:manage: opt-in to automation.
  • auto:hold: pause automation.

Contributor guidance:

  • Add auto:manage to opt in.
  • Add auto:hold to stop the operator.

PR creation policy (gh-only)

  • For every non-default branch discoverable via gh api without an open PR, create a PR.
  • Use the repo PR template if present; else use assets/pr-template.md.
  • Prefer gh pr create --fill and apply auto:manage.
  • Default to ready-for-review (no drafts unless configured).

Operating mode

Use one mode only:

  • gh-only remote mode: no local checkout assumptions and no local workspace mutations.

Cloud Join operator ($puff + seq -> join)

Use this when running Join as a cloud subagent loop:

  1. Launch with $puff join-operator.
  2. For each patch artifact, route by weighted manifest-first scoring (include PR file-path hydration via gh pr view <num> --json files): target_pr_hint (+5.0), touched_entities overlap (+0..4.5), changed_paths overlap (+0..3.0), base-branch match (+1.5), and issue_refs (+0.5 each, max +1.0). Compute confidence as min(0.99, (raw_score / 12.0) * risk_multiplier) where risk_multiplier={low:1.00, medium:0.95, high:0.80, critical:0.65}.
  3. If routing gates fail, run $seq first to recover intent/context. Routing gates are: confidence below effective threshold (threshold * risk_threshold_multiplier where risk_threshold_multiplier={low:0.95, medium:1.00, high:1.15, critical:1.25}), top-two score margin < 0.75, no entity/path/hint signal, manifest entities exist but no entity match, or risk_level is high|critical.
  4. Then run $join for gh-only PR operations and CI/handoff behavior.

Launch recipe:

  • "$PUFF_SCRIPT" join-operator --env <env-id-or-label> --repo <owner/repo> --patch-inbox <locator>
  • Canary recipe (one bounded cycle):
    • "$PUFF_SCRIPT" join-operator --env <env-id-or-label> --repo <owner/repo> --patch-inbox <locator> --canary

Cloud auth note:

  • In cloud environments, provide GH_TOKEN (or GITHUB_TOKEN) with repo-scoped permissions needed for join operations.

Patch manifest contract

Patch producers should emit a manifest that validates against:

  • assets/cloud-join-manifest.schema.json
  • assets/cloud-join-manifest.example.minimal.json (copy-ready minimal example)
  • assets/cloud-join-manifest.example.full.json (copy-ready full example)

Required fields:

  • patch_id
  • producer
  • repo (owner/repo)
  • base_branch
  • changed_paths (non-empty)
  • intent_summary

Optional routing hints:

  • target_pr_hint
  • issue_refs
  • touched_entities (array of objects with entity; optional file and kind)
  • risk_level (low|medium|high|critical)
  • confidence
  • patch_file

Monitor loop

Process PRs sequentially (blocking per PR on CI):

  1. List open PRs: gh pr list --state open --json number,title,headRefName,labels,isDraft.
  2. For each PR:
    • Skip if auto:hold.
    • Skip if not auto:manage and not agent-created.
    • If draft, mark ready: gh pr ready <num>.
    • Keep the branch current with gh pr update-branch <num> --rebase when available.
    • Enforce CI gate (required checks only; see below).
    • If failing, run the surgical fix loop.
    • When green, publish merge-ready handoff status.
    • Do not approve or merge.

CI gate (required checks only)

  • Gate on required checks only (gh pr checks --required). Optional checks do not block handoff.
  • Detect “ungated” repos/PRs (no required checks):
    • If gh pr checks <num> --required --json name returns an empty list, treat CI as green and proceed to handoff.
  • Wait for required checks (blocking):
    • gh pr checks <num> --required --watch --fail-fast
    • This blocks until all required checks pass or the first required check fails.
  • Stalled CI (10 minutes with no observable progress):
    • Define “progress” as any change in the required-check snapshot (name, bucket, startedAt, completedAt).
    • While waiting, periodically sample: gh pr checks <num> --required --json name,bucket,startedAt,completedAt.
    • If the snapshot does not change for 10 minutes while not all checks are bucket=pass, apply auto:hold and leave a summary comment with links to the stuck checks.
    • Treat bucket=pending, bucket=skipping, and bucket=cancel as “not green” (blocked) until resolved; do not mark as handoff-ready through them.
  • Drill into GitHub Actions when needed:
    • Identify check links: gh pr checks <num> --required --json name,bucket,link,workflow
    • Find likely runs: gh run list --branch <headRefName> --limit 10
    • Watch a run live: gh run watch <run-id> --compact --exit-status
    • Fetch failing step logs: gh run view <run-id> --log-failed

Surgical fix loop (gh-only)

Smallest change that makes CI green using gh only:

  1. Read the failure from CI logs.
  2. Apply the minimal fix through GitHub APIs via gh api on the PR head branch.
  3. Re-run checks and re-evaluate.
  4. Apply a hard regression floor before each new attempt:
    • Snapshot required checks before and after each attempt (gh pr checks <num> --required --json name,bucket).
    • If required checks get worse (for example: more failing checks, fewer passing checks, or a new blocked required check), stop immediately, apply auto:hold, and publish hold_reason=regression_floor_worsened.
    • If two consecutive attempts show no reduction in failing required checks, stop, apply auto:hold, and publish hold_reason=regression_floor_no_improvement.
  5. Limit attempts (default 3). On exhaustion, permission issues, or hard conflicts:
    • Leave a summary comment.
    • Request changes as last resort.
    • Apply auto:hold.

Handoff (no merge)

  • When required checks are green (or no required checks exist) and no hold:
    • Update status/comment to indicate: ready for human review/merge.
    • Keep the PR open.
  • Policy:
    • Never run gh pr merge (any flags).
    • Never run gh pr review --approve unless explicitly instructed by the user.
  • Confirm handoff state:
    • gh pr view <num> --json state,mergeStateStatus,reviewDecision

Adaptive polling

  • Poll under 60s unless CI is slow.
  • Use recent CI duration to back off (cap at 120s).
  • Exponential backoff on API errors.

Status reporting

  • Maintain a single PR comment/check-run named Join Operator.
  • Update in place (avoid comment spam).
  • Include machine-checkable fields in each status update:
    • raw_score
    • score_breakdown (target_pr_hint, entity_overlap, entity_hits, path_overlap, base_branch_match, issue_refs, risk_multiplier)
    • threshold_decision (confidence_threshold, effective_confidence_threshold, risk_threshold_multiplier, score_margin, needs_seq_reasons)
    • conflict_kind (none|routing|merge|policy|permission|ci)
    • complexity (low|medium|high)
    • confidence (0.00-1.00)
    • resolution_hint (actionable next step; none only when resolved)
    • action_taken
    • status (applied|hold|failed|no_match)
    • hold_reason

Gh-only block comment template

Join Operator: gh-only automation block

This PR needs an action outside the gh-only boundary (for example, manual conflict resolution or a local-only edit path).
Apply the needed commit manually, then remove `auto:hold`.

Stalled CI comment template

Join Operator: required checks stalled

Required checks showed no progress for 10 minutes.
Investigate the linked runs, unblock CI, then remove `auto:hold`.

Recipes (gh-only)

  • Default branch: gh repo view --json defaultBranchRef --jq .defaultBranchRef.name
  • Branch discovery: gh api repos/<owner>/<repo>/branches --paginate --jq '.[].name'
  • Create: gh pr create --fill --head <branch> --label auto:manage
  • Open PRs: gh pr list --state open --json number,title,headRefName,labels,isDraft
  • Mark ready: gh pr ready <num>
  • Update branch: gh pr update-branch <num> --rebase
  • PR head OID: gh pr view <num> --json headRefOid --jq .headRefOid
  • Required checks (summary): gh pr checks <num> --required
  • Required checks (watch): gh pr checks <num> --required --watch --fail-fast
  • Required checks (links/JSON): gh pr checks <num> --required --json name,bucket,link,workflow
  • Actions runs (by branch): gh run list --branch <branch> --limit 10
  • Actions run logs: gh run view <run-id> --log-failed
  • Request changes: gh pr review <num> --request-changes --body "<reason>"
  • Handoff state: gh pr view <num> --json state,mergeStateStatus,reviewDecision
  • Handoff note (example): gh pr comment <num> --body "Join Operator: required checks are green; ready for human merge."

Assets

  • assets/pr-template.md
  • assets/cloud-join-manifest.schema.json
  • assets/cloud-join-manifest.example.minimal.json
  • assets/cloud-join-manifest.example.full.json
  • assets/cloud-join-operator-prompt.md
  • scripts/build_cloud_join_prompt.py
  • scripts/manifest_router.py
Weekly Installs
21
Repository
tkersey/dotfiles
GitHub Stars
43
First Seen
Feb 28, 2026
Security Audits
Gen Agent Trust HubPass
SocketWarn
SnykWarn
Installed on
gemini-cli21
opencode21
codebuddy21
github-copilot21
codex21
kimi-cli21