adaptive-enforcement-lab/workflow-composition
plugins/patterns/skills/workflow-composition/SKILL.md
Build complex pipelines from reusable workflow components. Compose parent-child workflows, orchestrate multi-stage automation, and eliminate copy-paste YAML.
tools
Updated Mar 27, 2026
$ install --global
skillsauthnpx skillsauth add adaptive-enforcement-lab/claude-skills workflow-compositionInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 29, 2026, 11:09 AM36.6s1 file scanned
SKILL.md
- name:
- workflow-composition
- description:
- >-
Workflow Composition
When to Use This Skill
As automation pipelines grow, a single monolithic workflow becomes unmaintainable. Composition patterns let you build complex pipelines from smaller, reusable pieces. A parent workflow can spawn children, wait for their completion, and orchestrate the overall flow.
Implementation
- Extract reusable logic into separate WorkflowTemplates
- Create a parent workflow that spawns children
- Define success/failure conditions for proper status propagation
- Test each child independently before composing
Test Children First
Always test child workflows independently before composing them into a parent. Debugging failures in composed workflows is much harder than debugging standalone workflows.
Techniques
Patterns
| Pattern | Description | | --------- | ------------- | | Spawning Child Workflows | Create and wait for child workflow completion | | Parallel Execution | Run multiple workflows simultaneously | | DAG Orchestration | Dependency-based execution ordering | | Cross-Workflow Communication | Passing data and triggering decoupled workflows |
Anti-Patterns to Avoid
| Pattern | Description | | --------- | ------------- | | Spawning Child Workflows | Create and wait for child workflow completion | | Parallel Execution | Run multiple workflows simultaneously | | DAG Orchestration | Dependency-based execution ordering | | Cross-Workflow Communication | Passing data and triggering decoupled workflows |
Related Patterns
- Spawning Child Workflows
- Parallel Execution
- DAG Orchestration
- Cross-Workflow Communication
References
- Source Documentation
- AEL Patterns
Related Skills
adaptive-enforcement-lab/workload-identity-federation-implementation
documentation
VerifiedTrustedCommunity
Workload Identity Federation implementation guide. GKE setup, IAM bindings, ServiceAccount configuration, migration from service account keys, and troubleshooting patterns.
SKILL.mdUpdated Mar 27, 2026
adaptive-enforcement-lab/workflow-trigger-security
development
VerifiedTrustedCommunity
Secure GitHub Actions trigger patterns for pull requests, forks, and reusable workflows. Preventing privilege escalation and code injection through trigger misconfiguration.
SKILL.mdUpdated Mar 27, 2026
adaptive-enforcement-lab/third-party-action-risk-assessment
development
VerifiedTrustedCommunity
Structured framework for evaluating GitHub Actions security before adoption. Trust tiers, risk assessment checklist, and decision tree for action evaluation.
SKILL.mdUpdated Mar 27, 2026
adaptive-enforcement-lab/storing-credentials
testing
VerifiedTrustedCommunity
Securely store GitHub App credentials across different environments. GitHub Actions secrets, external CI, Kubernetes, and automated rotation patterns.
SKILL.mdUpdated Mar 27, 2026