Generates GitHub Actions workflows, custom actions, and reusable workflow files with proper security defaults and current best practices baked in. It routes requests through a decision tree (workflow vs custom action vs reusable workflow), loads only the references needed for that path, then validates everything against the github-actions-validator skill before handing it back. Particularly useful for the security guardrails: it sets read-only permissions by default, pins actions to SHAs with version comments, and adds fork-safe conditionals so secrets never leak to untrusted PRs. If you're tired of copying outdated workflow snippets from Stack Overflow or forgetting to restrict permissions, this handles the boilerplate and catches the footguns.
npx skills add https://github.com/akin-ozer/cc-devops-skills --skill github-actions-generator