Skip to content

feat: add skill validation CI job#10

Merged
CybotTM merged 1 commit intomainfrom
feat/add-skill-validation-ci
Feb 25, 2026
Merged

feat: add skill validation CI job#10
CybotTM merged 1 commit intomainfrom
feat/add-skill-validation-ci

Conversation

@CybotTM
Copy link
Member

@CybotTM CybotTM commented Feb 25, 2026

Summary

  • Add skill validation job calling reusable workflow from skill-repo-skill
  • Checks SKILL.md frontmatter, word count, composer.json, plugin.json, file presence

Test plan

  • CI passes with new validation job

@CybotTM
feat: add skill validation CI job
30d0c94 
Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
@gemini-code-assist
Copy link

gemini-code-assist bot commented Feb 25, 2026

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@CybotTM CybotTM requested a review from Copilot February 25, 2026 14:11
@CybotTM CybotTM merged commit 60ec41e into main Feb 25, 2026
6 checks passed
@CybotTM CybotTM deleted the feat/add-skill-validation-ci branch February 25, 2026 14:16
Copilot AI reviewed Feb 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a new CI job to validate skill repository structure and content by calling a reusable workflow from the netresearch/skill-repo-skill repository. The validation checks SKILL.md frontmatter, word count, composer.json, plugin.json, and file presence to ensure the repository meets skill standards.

Changes:

  • Added validate job to lint.yml workflow that calls a reusable workflow for skill validation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/lint.yml

validate:
name: Skill Validation
uses: netresearch/skill-repo-skill/.github/workflows/validate.yml@main
Copy link

Copilot AI Feb 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The reusable workflow reference uses @main which is a mutable branch reference. All other action references in this repository use pinned commit SHAs for security (e.g., @de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2). Using @main allows the referenced workflow to change without your knowledge, potentially introducing malicious code or breaking changes. Consider pinning to a specific commit SHA or at minimum a tagged version, following the established pattern in this codebase.

Suggested change
uses: netresearch/skill-repo-skill/.github/workflows/validate.yml@main
uses: netresearch/skill-repo-skill/.github/workflows/validate.yml@v1

Copilot uses AI. Check for mistakes.
.github/workflows/lint.yml
SHELLCHECK_OPTS: -x

validate:
name: Skill Validation
Copy link

Copilot AI Feb 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The validate job does not explicitly define permissions. When calling a reusable workflow, permissions are not inherited by default from the caller workflow. If the reusable workflow needs to access repository contents or other resources, you may need to explicitly pass permissions using the 'permissions' key at the job level, or ensure the reusable workflow has 'permissions: read-all' or specific permissions defined. Verify whether the netresearch/skill-repo-skill validate.yml workflow requires any specific permissions.

Suggested change
name: Skill Validation
name: Skill Validation
permissions:
contents: read

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CybotTM