gh-cli
When to Use
- Working with GitHub repositories, pull requests, issues, releases, or raw file URLs.
- You need authenticated access to private repositories or higher API rate limits.
- You are about to use curl, wget, or unauthenticated web fetches against GitHub.
When NOT to Use
- The target is not GitHub.
- Plain local git operations already solve the task.
Guidance
Prefer the authenticated gh CLI over raw HTTP fetches for GitHub content. In particular:
- Prefer gh repo view, gh pr view, gh pr list, gh issue view, and gh api over unauthenticated curl or wget.
- Prefer cloning a repository and reading files locally over fetching raw.githubusercontent.com blobs directly.
- Avoid using GitHub API /contents/ endpoints as a substitute for cloning and reading repository files.
Examples:
gh repo view owner/repo
gh pr view 123 --repo owner/repo
gh api repos/owner/repo/pulls
For the original Claude plugin implementation, see:
- plugins/gh-cli/README.md
- plugins/gh-cli/hooks/
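An added example, not the plugin's hook code or anything from the original page: a shell check that flags curl/wget fetches against GitHub hosts and prints the gh command the guidance above prefers. The function name suggest_gh and the sample commands are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. suggest_gh is a hypothetical helper, not part of gh or the plugin.
# Prints a suggested replacement and returns 0 when the command is a curl/wget
# fetch against GitHub; prints nothing and returns 1 otherwise.
suggest_gh() {
    cmd=$1
    case $cmd in
        curl\ *|wget\ *) ;;
        *) return 1 ;;          # plain git and other tools are left alone
    esac
    # First GitHub URL on the command line (web, API, or raw host).
    url=$(printf '%s\n' "$cmd" |
        grep -oE "https?://(api\.github\.com|raw\.githubusercontent\.com|github\.com)/[^[:space:]\"']+" |
        head -n 1)
    [ -n "$url" ] || return 1
    rest=${url#*://}; host=${rest%%/*}; path=${rest#*/}
    # The API host prefixes repository paths with "repos/".
    [ "$host" = api.github.com ] && repo_path=${path#repos/} || repo_path=$path
    owner=${repo_path%%/*}; tail=${repo_path#*/}; repo=${tail%%/*}; repo=${repo%.git}
    case $host:$path in
        api.github.com:repos/*/*/contents/*|raw.githubusercontent.com:*/*/*)
            # File content: clone and read locally instead of fetching blobs.
            echo "gh repo clone $owner/$repo" ;;
        api.github.com:*)
            echo "gh api $path" ;;
        github.com:*/*/pull/[0-9]*)
            n=${path##*/pull/}; echo "gh pr view ${n%%[!0-9]*} --repo $owner/$repo" ;;
        github.com:*/*/issues/[0-9]*)
            n=${path##*/issues/}; echo "gh issue view ${n%%[!0-9]*} --repo $owner/$repo" ;;
        github.com:*/*/pulls*)
            echo "gh pr list --repo $owner/$repo" ;;
        github.com:*/*)
            echo "gh repo view $owner/$repo" ;;
        *) return 1 ;;          # GitHub URL without an owner/repo path
    esac
}

# Constructed sample commands, for demonstration only.
for c in 'curl -s https://raw.githubusercontent.com/owner/repo/main/README.md' \
         'wget https://github.com/owner/repo/pull/123' \
         'curl https://example.com/'; do
    suggest_gh "$c" || echo "(no change) $c"
done
```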