Toolverse
All skills
Security

gh-actions-validator

by jeremylongshore

Validate use when validating GitHub Actions workflows for Google Cloud and Vertex AI deployments. Trigger with phrases like \

Installation

Pick a client and clone the repository into its skills directory.

Installation

Quick info

Author
jeremylongshore
Category
Security
GitHub repo

About this skill

Validate use when validating GitHub Actions workflows for Google Cloud and Vertex AI deployments. Trigger with phrases like \

How to use

  1. Upewnij się, że masz dostęp do repozytorium GitHub z włączonymi Actions, projektu Google Cloud z aktywnym billing, zainstalowanego gcloud CLI z uprawnieniami administratora oraz zrozumienia koncepcji Workload Identity Federation.

  2. Uruchom skill z frazami takimi jak "validate github actions", "setup workload identity federation", "github actions security", "deploy agent with ci/cd" lub "automate vertex ai deployment", aby rozpocząć walidację.

  3. Skill przeskanuje katalog .github/workflows/ w poszukiwaniu problemów bezpieczeństwa, szczególnie użycia JSON-owych kluczy serwisowych zamiast OIDC.

  4. Zweryfikuj, że w przepływach jest ustawione uprawnienie id-token: write oraz że role IAM stosują zasadę najmniejszych uprawnień (bez ról owner lub editor).

  5. Dodaj do przepływów skanowanie tajnych danych i skanowanie podatności, a następnie walidację wdrożeń poprzez health checki po deploymencie.

  6. Skonfiguruj monitoring i alerty dla błędów wdrożenia, a skill dostarczy komendy do jednorazowej konfiguracji Workload Identity Federation w Twoim projekcie Google Cloud.

Related skills

solidity-security

by wshobson

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.

Security
10105

1password

by openclaw

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

Security
1174

skill-writer

by pytorch

Guide users through creating Agent Skills for Claude Code. Use when the user wants to create, write, author, or design a new Skill, or needs help with SKILL.md files, frontmatter, or skill structure.

Security
15116

better-auth-best-practices

by novuhq

Skill for integrating Better Auth - the comprehensive TypeScript authentication framework.

Security
1148

architect-review

by sickn33

Master software architect specializing in modern architecture patterns, clean architecture, microservices, event-driven systems, and DDD. Reviews system designs and code changes for architectural integrity, scalability, and maintainability. Use PROACTIVELY for architectural

Security
2773

content-creator

by alirezarezvani

Create SEO-optimized marketing content with consistent brand voice. Includes brand voice analyzer, SEO optimizer, content frameworks, and social media templates. Use when writing blog posts, creating social media content, analyzing brand voice, optimizing SEO, planning content

Security
25124