provectus/gha-diagnosis
registry/skills/gha-diagnosis/SKILL.md
Use when GitHub Actions checks fail, workflow runs are red, or user asks to fix CI. Triggers on "fix CI", "actions failing", "checks are red", "pipeline broke", "workflow failed". User may provide a run URL, job ID, or just ask to fix.
$ install --global
skillsauthnpx skillsauth add provectus/awos-recruitment gha-diagnosisInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 9:58 AM243.0s1 file scanned
SKILL.md
- name:
- gha-diagnosis
- context:
- fork
- argument-hint:
- <run URL, job ID, or leave empty to auto-detect>
- description:
- Use when GitHub Actions checks fail, workflow runs are red, or user asks to fix CI. Triggers on "fix CI", "actions failing", "checks are red", "pipeline broke", "workflow failed". User may provide a run URL, job ID, or just ask to fix.
GitHub Actions — Autonomous Failure Fix Loop
Fetch failed workflow logs via gh, diagnose root causes, fix, verify locally, commit. All failures in one pass.
Input
User may provide:
- Nothing — find failures via
gh run list --status failure --limit 5 - Run URL — e.g.
https://github.com/org/repo/actions/runs/123→ extract run ID - Run/Job ID — use directly with
gh run view <id> --log-failed
Context Loading
Read .github/workflows/*.yml to understand the exact commands each job runs. These are your local verify commands.
Phase 1: Fetch and Triage
gh run view <run-id> --log-failed
Group failures by root cause:
| Category | Signals | Typical Fix | |----------|---------|-------------| | Lint/Format | linter, formatter errors | Auto-fix or targeted edit | | Test | assertion errors, crashes | Fix code or test | | Security | vulnerability flags | Upgrade dep, scoped override | | Stale workflow | action SHA mismatch, deprecated syntax | Update workflow YAML | | Env/secrets | missing var, auth failure | Fix workflow env block | | Build | type errors, import failures | Fix source or dependency | | Spec drift | generated code stale | Regenerate artifacts |
Phase 2: Fix Loop
Process in dependency order: workflow config → lint → tests → build.
- Diagnose — exact file(s) and line(s) from the log
- Fix — minimal change
- Verify — run the same command from the workflow YAML locally
- If fails — revert, re-read error, try different approach (max 3 attempts)
- Commit — one per logical fix, conventional commit format
Phase 3: Push and Confirm
- Push all fix commits
gh run list --limit 1 --json status,conclusion,url- If new failures appear, loop back to Phase 1
Rules
- Batch all failures — don't fix one and stop
- Read the actual log — don't guess from job names
- Verify locally before committing
- One commit per fix
- Revert failed attempts — don't stack patches
- Don't diagnose CI from unpushed local code — push first
Common Pitfalls
| Pitfall | Instead |
|---------|---------|
| Guess fix from job name | Read gh run view <id> --log-failed |
| Blanket dep override | Scope to specific dependency paths |
| Update action SHA blindly | Check release notes for breaking changes |
| Fix warnings not in the error | Only fix what CI flagged |
| --no-verify to bypass hooks | Fix the hook issue |
Related Skills
provectus/underwriting
development
VerifiedTrustedCommunity
Insurance underwriting domain knowledge for building automated submission processing systems. Covers submission-to-bind lifecycle, document extraction patterns, compliance gates (sanctions, licensing, clearance), human-in-the-loop design for regulated financial services, confidence calibration for extracted fields, operating mode progression (manual to automated), and evidence traceability requirements. Use when designing or implementing underwriting pipelines, extraction agents, compliance workflows, HITL review systems, or decision package assembly for insurance or MGA operations.
10SKILL.mdUpdated Apr 23, 2026
provectus/typescript-development
development
VerifiedTrustedCommunity
This skill should be used when the user asks to "write TypeScript code", "create a TypeScript module", "define TypeScript types", "add type annotations", "use generics", "handle errors in TypeScript", "set up tsconfig", "organize TypeScript project", or when writing any TypeScript code that is not tied to a specific library or framework. Covers type system, strict mode, naming conventions, error handling, async patterns, and project structure.
10SKILL.mdUpdated Apr 23, 2026
provectus/terraform-conventions
development
VerifiedTrustedCommunity
Use when working with Terraform or OpenTofu - creating modules, writing tests (native test framework, Terratest), setting up CI/CD pipelines, reviewing configurations, choosing between testing approaches, debugging state issues, implementing security scanning (trivy, checkov), or making infrastructure-as-code architecture decisions. Enforces Provectus opinionated conventions (exact version pinning, etc.) on top of community best practices.
10SKILL.mdUpdated Apr 23, 2026
provectus/swift-development
development
VerifiedTrustedCommunity
This skill should be used when the user asks to "write Swift code", "create a Swift type", "set up a Swift package", "review Swift code", "refactor Swift", "use async/await in Swift", "fix Swift style", or when generating any Swift source code regardless of target platform. Provides modern Swift 6+ best practices covering type system, optionals, concurrency, error handling, protocols, generics, and idiomatic patterns. Does not cover any specific platform or framework.
10SKILL.mdUpdated Apr 23, 2026