Skills github-actions-templates
⚙️

github-actions-templates

Safe 🌐 Network access⚙️ External commands📁 Filesystem access🔑 Env variables

Build GitHub Actions workflows quickly

CI/CD workflows are time consuming to write and easy to misconfigure. This skill provides proven GitHub Actions templates for tests, builds, deployments, and security scans.

Supports: Claude Codex Code(CC)
📊 69 Adequate
1

Download the skill ZIP

2

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

3

Toggle on and start using

Test it

Using "github-actions-templates". Create a matrix build for Python 3.9 to 3.12 on Linux, macOS, and Windows.

Expected outcome:

  • Runs on ubuntu-latest, macos-latest, and windows-latest
  • Tests Python 3.9, 3.10, 3.11, and 3.12
  • Installs dependencies with pip and runs pytest
  • Triggers on push and pull requests

Using "github-actions-templates". Create a Docker workflow that pushes to GHCR on version tags.

Expected outcome:

  • Logs in to GitHub Container Registry with GitHub_TOKEN
  • Extracts metadata with Docker metadata action
  • Builds and pushes with cache from GitHub Actions cache
  • Tags with branch and semver patterns

Security Audit

Safe
v4 • 1/17/2026

This skill contains only static documentation with YAML workflow examples. All static findings are false positives: the scanner misinterpreted markdown code fences as backtick execution, GitHub Actions secret injection syntax as credential exposure, and YAML version pinning as weak crypto. The skill does not execute code, access files, or make network requests.

2
Files scanned
509
Lines analyzed
4
findings
4
Total audits

Risk Factors

🌐 Network access (2)
skill-report.json:6 SKILL.md:301
⚙️ External commands (25)
SKILL.md:26-65 SKILL.md:65-67 SKILL.md:67-71 SKILL.md:71-120 SKILL.md:120-122 SKILL.md:122-126 SKILL.md:126-161 SKILL.md:161-165 SKILL.md:165-194 SKILL.md:194-196 SKILL.md:196-213 SKILL.md:213-237 SKILL.md:237-240 SKILL.md:240-248 SKILL.md:248-252 SKILL.md:252-285 SKILL.md:285-289 SKILL.md:289-320 SKILL.md:320-324 SKILL.md:324-325 SKILL.md:325-326 SKILL.md:326-327 SKILL.md:327-331 SKILL.md:331-332 SKILL.md:332-333
📁 Filesystem access (1)
SKILL.md:243
🔑 Env variables (3)
SKILL.md:143 SKILL.md:144 SKILL.md:98
Audited by: claude View Audit History →

Quality Score

38
Architecture
100
Maintainability
85
Content
21
Community
100
Security
91
Spec Compliance

What You Can Build

Launch a CI baseline

Start with a test and lint workflow for a new repository and keep builds reliable.

Standardize pipelines

Reuse templates for Docker builds, approvals, and reusable workflows across teams.

Add security scans

Adopt Trivy and Snyk workflow examples to catch vulnerabilities early.

Try These Prompts

Starter test flow 
Create a GitHub Actions workflow that runs npm ci, lint, and tests on pushes and pull requests using Node 20.
Docker build publish 
Provide a workflow to build and push a Docker image to GHCR with tags for branches and semver releases.
Kubernetes deploy 
Draft a workflow that configures AWS credentials and deploys manifests from k8s/ to production.
Reusable test workflow 
Create a reusable workflow that accepts node-version input and uses NPM_TOKEN for private installs.

Best Practices

  • Pin action versions instead of using latest
  • Use secrets for tokens and credentials
  • Limit workflow permissions to the minimum needed

Avoid

  • Using unpinned actions from unknown sources
  • Storing credentials directly in workflow files
  • Deploying to production without approval gates

Frequently Asked Questions

What platforms are compatible?
Works with GitHub Actions. Use the templates in Claude, Codex, or Claude Code for drafting.
What are the main limits?
Templates are examples and may need edits for your stack, repo paths, or cloud setup.
How do I integrate with my repo?
Copy the workflow into .github/workflows and adjust triggers, secrets, and commands.
Is my data safe?
The skill provides static templates and does not read or transmit your files or secrets.
What if a workflow fails?
Check logs, verify action versions, and confirm required secrets and permissions.
How does this compare to writing from scratch?
It saves time by starting from proven patterns while still allowing customization.

Developer Details

Author

wshobson

License

MIT

Repository

https://github.com/wshobson/agents/tree/main/plugins/cicd-automation/skills/github-actions-templates

Ref

main

File structure

📄 SKILL.md