The Agent Skills Directory

[SAFE]: The skill implements robust security practices for CI/CD automation.
Recommends the use of OpenID Connect (OIDC) for AWS and Cloudflare to eliminate the need for long-lived credentials, reducing the risk of secret leakage.
Integrates with 1Password Connect via the official 1password/load-secrets-action to manage runtime application secrets securely, rather than storing them in GitHub Repository Secrets.
Enforces least-privilege principles by recommending that GitHub Actions permissions be granted at the job level rather than the workflow level.
Implements non-cancellable concurrency controls for deployment jobs to prevent race conditions and ensure deployment integrity.
[SAFE]: All external GitHub Actions and tools referenced in the templates are from trusted or well-known providers.
Utilizes official actions from GitHub, AWS, Docker, 1Password, and Pnpm.
References the voidzero-dev/setup-vp action for environment configuration from a well-known technology provider.
Uses the highly-regarded dorny/paths-filter for intelligent change detection.
[COMMAND_EXECUTION]: The skill uses standard, non-obfuscated shell commands for typical deployment workflows, such as health checking with curl and site deployment via official CLIs like Cloudflare's wrangler.

gh-deploy-pipeline