>_SkillsHub

> gh-fix-ci

Use when a user asks to debug or fix failing GitHub PR checks that run in GitHub Actions. Uses `gh` to inspect checks and logs, summarize failure context, draft a fix plan, and implement only after explicit approval. Treats external providers (for example Buildkite) as out of scope and reports only the details URL. Do NOT use for addressing PR review comments (use gh-address-comments) or general CI outside GitHub Actions.

fetch
$curl "https://skillshub.wtf/tech-leads-club/agent-skills/gh-fix-ci?format=md"
SKILL.mdgh-fix-ci

Gh Pr Checks Plan Fix

Overview

Use gh to locate failing PR checks, fetch GitHub Actions logs for actionable failures, summarize the failure snippet, then propose a fix plan and implement after explicit approval.

  • If a plan-oriented skill (for example create-plan) is available, use it; otherwise draft a concise plan inline and request approval before implementing.

Prereq: authenticate with the standard GitHub CLI once (for example, run gh auth login), then confirm with gh auth status (repo + workflow scopes are typically required).

Inputs

  • repo: path inside the repo (default .)
  • pr: PR number or URL (optional; defaults to current branch PR)
  • gh authentication for the repo host

Quick start

  • python "<path-to-skill>/scripts/inspect_pr_checks.py" --repo "." --pr "<number-or-url>"
  • Add --json if you want machine-friendly output for summarization.

Workflow

  1. Verify gh authentication.
    • Run gh auth status in the repo.
    • If unauthenticated, ask the user to run gh auth login (ensuring repo + workflow scopes) before proceeding.
  2. Resolve the PR.
    • Prefer the current branch PR: gh pr view --json number,url.
    • If the user provides a PR number or URL, use that directly.
  3. Inspect failing checks (GitHub Actions only).
    • Preferred: run the bundled script (handles gh field drift and job-log fallbacks):
      • python "<path-to-skill>/scripts/inspect_pr_checks.py" --repo "." --pr "<number-or-url>"
      • Add --json for machine-friendly output.
    • Manual fallback:
      • gh pr checks <pr> --json name,state,bucket,link,startedAt,completedAt,workflow
        • If a field is rejected, rerun with the available fields reported by gh.
      • For each failing check, extract the run id from detailsUrl and run:
        • gh run view <run_id> --json name,workflowName,conclusion,status,url,event,headBranch,headSha
        • gh run view <run_id> --log
      • If the run log says it is still in progress, fetch job logs directly:
        • gh api "/repos/<owner>/<repo>/actions/jobs/<job_id>/logs" > "<path>"
  4. Scope non-GitHub Actions checks.
    • If detailsUrl is not a GitHub Actions run, label it as external and only report the URL.
    • Do not attempt Buildkite or other providers; keep the workflow lean.
  5. Summarize failures for the user.
    • Provide the failing check name, run URL (if any), and a concise log snippet.
    • Call out missing logs explicitly.
  6. Create a plan.
    • Use the create-plan skill to draft a concise plan and request approval.
  7. Implement after approval.
    • Apply the approved plan, summarize diffs/tests, and ask about opening a PR.
  8. Recheck status.
    • After changes, suggest re-running the relevant tests and gh pr checks to confirm.

Bundled Resources

scripts/inspect_pr_checks.py

Fetch failing PR checks, pull GitHub Actions logs, and extract a failure snippet. Exits non-zero when failures remain so it can be used in automation.

Usage examples:

  • python "<path-to-skill>/scripts/inspect_pr_checks.py" --repo "." --pr "123"
  • python "<path-to-skill>/scripts/inspect_pr_checks.py" --repo "." --pr "https://github.com/org/repo/pull/123" --json
  • python "<path-to-skill>/scripts/inspect_pr_checks.py" --repo "." --max-lines 200 --context 40

> related_skills --same-repo

> security-threat-model

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Use when the user asks to threat model a codebase or path, enumerate threats or abuse paths, or perform AppSec threat modeling. Do NOT use for general architecture summaries, code review, security best practices (use security-best-practices), or non-security design work.

> security-ownership-map

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Use when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do NOT use for general maintainer lists, non-security own

> security-best-practices

Perform language and framework specific security best-practice reviews and suggest improvements. Use when the user explicitly requests security best practices guidance, a security review or report, or secure-by-default coding help. Supports Python, JavaScript/TypeScript, and Go. Do NOT use for general code review, debugging, threat modeling (use security-threat-model), or non-security tasks.

> react-best-practices

React and Next.js performance optimization guidelines from Vercel Engineering. Use when writing, reviewing, or refactoring React/Next.js code to ensure optimal performance patterns. Triggers on tasks involving React components, Next.js pages, data fetching, bundle optimization, or performance improvements. Do NOT use for component API architecture or composition patterns (use react-composition-patterns instead).

┌ stats

installs/wk0
░░░░░░░░░░
github stars2.3K
██████████
first seenMar 23, 2026
└────────────

┌ repo

tech-leads-club/agent-skills
by tech-leads-club
└────────────