agentskills.codes
IN

internal-github-action-composite

Use when creating or modifying a reusable GitHub composite action under `.github/actions/`, especially when input validation, shell safety, or contract compatibility matters.

Install

mkdir -p .claude/skills/internal-github-action-composite && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/16619" && unzip -o skill.zip -d .claude/skills/internal-github-action-composite && rm skill.zip

Installs to .claude/skills/internal-github-action-composite

Activation

This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.

Use when creating or modifying a reusable GitHub composite action under `.github/actions/`, especially when input validation, shell safety, or contract compatibility matters.
174 chars✓ has a “when” trigger

About this skill

GitHub Composite Action Skill

When to use

  • Create a new reusable composite action under .github/actions/.
  • Modify an existing composite action and preserve compatibility.
  • Deepen a GitHub Actions task that has already been classified as composite-action authoring.
  • Add or revise composite-action documentation, outputs, testing guidance, or release discipline.

Relationship to the umbrella skill

  • internal-github-actions is the default entry point for GitHub Actions authoring.
  • Load this skill when the work is specifically a composite action or when the umbrella skill decides the reusable unit should move here.

Composite action vs reusable workflow

FactorComposite actionReusable workflow
GranularityStep-level reuse inside a jobJob-level orchestration
Secrets accessInherited from the caller jobPassed explicitly to the called workflow
OutputsStep outputs onlyWorkflow outputs
Best forShared validation, setup, or step logicPipelines with their own jobs, runners, or environments

Mandatory rules

  • Follow .github/instructions/internal-github-action-composite.instructions.md.
  • Pass expression inputs via env: instead of interpolating ${{ }} directly in run:.
  • Keep shell: bash explicit on composite steps.
  • Start shell blocks with set -euo pipefail.
  • Forward caller-visible values through action outputs: mapped from $GITHUB_OUTPUT.
  • Use $GITHUB_ENV only for step-to-step state inside the action.
  • Extract long shell logic into a dedicated script early.
  • Preserve backward compatibility when modifying existing inputs or outputs.

Reference map

Common mistakes

MistakeWhy it mattersInstead
Interpolating ${{ inputs.x }} directly in run:Crafted input values can turn into shell injectionPass the value through env: and use quoted shell variables
Missing set -euo pipefail in run: blocksSilent failures and partial execution become hard to spotMake strict mode the first line of every shell block
Large inline run: blocksThey are hard to read, lint, and reviewExtract the logic into a dedicated script early
No input validation before the main logicFailures surface later with weaker error messagesValidate required inputs in the first step and fail fast
Forgetting shell: bash on composite stepsRunner defaults can differ and change behaviorKeep shell: bash explicit
Hiding caller-visible values in $GITHUB_ENV or temp filesCallers cannot read the value and the contract stays implicitForward the value through $GITHUB_OUTPUT and outputs:
Leaving outputs or usage undocumentedConsumers guess the contract and misuse the actionKeep a minimal README with inputs, outputs, side effects, and an example
Breaking an existing input or output contractCallers can fail without a clear migration pathAdd new fields compatibly and preserve the old contract where possible

Cross-references

  • internal-github-actions (.github/skills/internal-github-actions/SKILL.md): for the umbrella GitHub Actions lane and reuse-pattern selection.
  • internal-script-bash (.github/skills/internal-script-bash/SKILL.md): for extracted shell scripts inside the action.

Validation checklist

  • Inputs and outputs are explicit.
  • Required inputs are validated in the first step.
  • Multi-step state uses $GITHUB_OUTPUT and $GITHUB_ENV intentionally.
  • Longer logic lives in a dedicated script.
  • The README example matches the real inputs and outputs.
  • A happy-path smoke validation exists.
  • Existing input and output names remain compatible, or the breaking change is versioned deliberately.

Validation

  • Inputs and outputs are explicit and validated early.
  • Shell code uses set -euo pipefail, quoted variables, and explicit shell: bash.
  • A smoke workflow or equivalent fixture validates the happy path.
  • Caller-visible outputs are forwarded through documented outputs: mappings.
  • Existing input and output contracts remain backward compatible.

internal-project-nodejs

pagopa

Use when creating or modifying Node.js or TypeScript project code such as services, APIs, middleware, or modules, and the main concern is application code rather than Docker, workflows, or infrastructure.

00

internal-project-nodejs

pagopa

Use when creating or modifying Node.js or TypeScript project code such as services, APIs, middleware, or modules, and the main concern is application code rather than Docker, workflows, or infrastructure.

00

internal-gcp-organization-structure

pagopa

Use when the user needs Google Cloud control-plane or platform-structure guidance for org or folder layout, billing-account model, project segmentation, Shared VPC host and service project topology, environment segmentation, platform-level network structure, or other layout decisions that shape how

00

internal-gcp-organization-structure

pagopa

Use when the user needs Google Cloud control-plane or platform-structure guidance for org or folder layout, billing-account model, project segmentation, Shared VPC host and service project topology, environment segmentation, platform-level network structure, or other layout decisions that shape how

00

awesome-copilot-cloud-design-patterns

pagopa

Cloud design patterns for distributed systems architecture covering 42 industry-standard patterns across reliability, performance, messaging, security, and deployment categories. Use when designing, reviewing, or implementing distributed system architectures.

00

awesome-copilot-cloud-design-patterns

pagopa

Cloud design patterns for distributed systems architecture covering 42 industry-standard patterns across reliability, performance, messaging, security, and deployment categories. Use when designing, reviewing, or implementing distributed system architectures.

00

Search skills

Search the agent skills registry