Agent skill

hardened-ci-workflow

Production-ready CI workflow examples with all security patterns applied. SHA pinning, minimal permissions, secret scanning, and language-specific variants.

Stars 1
Forks 2

Install this agent skill to your Project

npx add-skill https://github.com/adaptive-enforcement-lab/claude-skills/tree/main/plugins/secure/skills/hardened-ci-workflow

SKILL.md

Hardened CI Workflow

When to Use This Skill

Copy-paste ready CI workflow templates with comprehensive security hardening. Each example demonstrates action pinning, minimal GITHUB_TOKEN permissions, input validation, and security scanning.

Complete Security Patterns

These workflows integrate all security patterns from the hub: SHA-pinned actions, job-level permissions, secret scanning prevention, fork PR safety, and security tooling. Use as production templates.

Implementation

See the full implementation guide in the source documentation.

Examples

See examples.md for code examples.

Full Reference

See reference.md for complete documentation.

References

Expand your agent's capabilities with these related and highly-rated skills.

Didn't find tool you were looking for?

Be as detailed as possible for better results