ramblurr/garnix
prompts/skills/garnix/SKILL.md
Use when working with Garnix CI, Garnix GitHub checks, Nix flake builds, Garnix badges, Garnix Actions, or garnix-cli - explains how Garnix runs flake CI and how to inspect builds and logs.
tools
Updated May 17, 2026
$ install --global
skillsauthnpx skillsauth add ramblurr/nix-devenv garnixInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 17, 2026, 5:11 AM53.0s1 file scanned
SKILL.md
- name:
- garnix
- description:
- Use when working with Garnix CI, Garnix GitHub checks, Nix flake builds, Garnix badges, Garnix Actions, or garnix-cli - explains how Garnix runs flake CI and how to inspect builds and logs.
Garnix CI
Garnix is hosted CI + binary cache for Nix flakes. It installs as a GitHub App,
builds flake outputs, exposes results as GitHub Checks, and pushes build results
to its cache. Most github.com/ramblurr/* and github.com/outskirtslabs/*
repositories with flake.nix are already connected.
No .github/workflows/* file is needed for normal Garnix CI.
Mental model
- Trigger: push or PR to a connected GitHub repository.
- Input: repository
flake.nix. - Outputs: packages, checks, dev shells, and other supported flake outputs.
- Status: GitHub Checks API entries on the commit.
- Logs: Garnix build logs, best fetched with
garnix-cli logs <build-id>. - Cache: successful outputs are cached by Garnix.
- Config:
garnix.yamlexists but is rarely needed.
Garnix Actions are separate: flake apps can run as CI actions with network and
tools. Use them only when a build/check derivation is not the right shape.
Basic workflow
- Push a commit.
- Watch the commit's Garnix checks.
- If a build fails, get the failed build ID.
- Fetch logs by build ID.
- Fix, commit, push, repeat.
Prefer garnix-cli for steps 2-4.
garnix-cli
First check whether the tool is available:
command -v garnix-cli
If missing, enter the project dev shell. Most active projects already include it
there. If it is still missing, add garnix-cli to the dev shell packages for the
project.
Common commands:
# recent runs for current repo, auto-detected from git origin
garnix-cli list
# recent runs for another repo
garnix-cli list -R owner/repo --limit 5
# filter runs
garnix-cli list -R owner/repo --status failure
# latest run for current repo
garnix-cli view
# latest run for another repo
garnix-cli view -R owner/repo
# specific commit
garnix-cli view <commit-sha>
# watch until terminal; exit non-zero on failure/cancel
garnix-cli watch -R owner/repo --compact --exit-status --interval 10
# fetch logs from failed build ID shown by view/watch
garnix-cli logs <build-id>
Machine output:
garnix-cli --json list -R owner/repo
garnix-cli --edn view -R owner/repo
garnix-cli --plain watch -R owner/repo --compact
Private repos: use GARNIX_API_TOKEN if needed.
export GARNIX_API_TOKEN=...
GitHub checks without garnix-cli
Fallback only. Use GitHub's Checks API via gh when garnix-cli is unavailable:
gh api repos/OWNER/REPO/commits/SHA/check-runs --jq '.check_runs[] | [.name,.status,.conclusion] | @tsv'
This shows check state, but not Garnix build IDs. Prefer garnix-cli for logs.
Badges
Use the shields.io endpoint wrapper. The raw Garnix badge URL returns JSON, not an SVG, so GitHub renders it as a broken image.
[](https://garnix.io/repo/<owner>/<repo>)
Example:
[](https://garnix.io/repo/outskirtslabs/garnix-cli)
Useful links
- Garnix app: https://github.com/apps/garnix-ci
- Install app: https://github.com/apps/garnix-ci/installations/new
- Getting started: https://garnix.io/docs/getting-started/
- Caching: https://garnix.io/docs/ci/caching/
- Badges: https://garnix.io/docs/ci/badges/
garnix.yaml: https://garnix.io/docs/ci/yaml_config/- Garnix Actions: https://garnix.io/docs/actions/
- GitHub Checks API: https://docs.github.com/en/rest/checks
Related Skills
ramblurr/operational-change-protocol
testing
VerifiedTrustedCommunity
Use this OCP when executing or preparing to execute commands that change a live or important system, service reloads/restarts, package changes, deployments, migrations, firewall/network/access changes, credential rotation, NixOS switch/test/boot/deploy, or incident mitigation. It guides safe operations with a persisted ledger for scope, preflight, baseline, rollback, validation, and evidence.
SKILL.mdUpdated Jun 4, 2026
ramblurr/write-a-skill
development
VerifiedTrustedCommunity
Create new agent skills with proper structure, progressive disclosure, and bundled resources. Use when user wants to create, write, or build a new skill.
SKILL.mdUpdated May 21, 2026
ramblurr/prompts-documents
documentation
VerifiedTrustedCommunity
Naming conventions for workflow documents in prompts/. Use when creating plans, PRDs, research reports, idea capture or other workflow documents. Triggers on (1) creating new planning documents, (2) naming PRDs or research reports, (3) questions about document organization in prompts/.
SKILL.mdUpdated May 21, 2026
ramblurr/grill-with-docs
testing
VerifiedTrustedCommunity
Grilling session that challenges your plan against the existing domain model, sharpens terminology, and updates documentation (CONTEXT.md, ADRs) inline as decisions crystallise. Use when user wants to stress-test a plan against their project's language and documented decisions.
SKILL.mdUpdated May 21, 2026