gh
Load when executing GitHub tasks via the gh CLI: creating or reviewing pull requests, managing issues, checking CI runs, creating releases, searching GitHub, or making raw GitHub API calls.
Best use case
gh is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Load when executing GitHub tasks via the gh CLI: creating or reviewing pull requests, managing issues, checking CI runs, creating releases, searching GitHub, or making raw GitHub API calls.
Teams using gh should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/gh/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How gh Compares
| Feature / Agent | gh | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Load when executing GitHub tasks via the gh CLI: creating or reviewing pull requests, managing issues, checking CI runs, creating releases, searching GitHub, or making raw GitHub API calls.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# GitHub CLI (gh) Reference
## Pull Requests
```bash
# List
gh pr list
gh pr list --state merged --limit 10
gh pr list --json number,title,headRefName,statusCheckRollup
# View
gh pr view 123
gh pr view 123 --comments
gh pr view 123 --json state,mergeable,mergeStateStatus | jq
# Create
gh pr create --fill # title/body from commits
gh pr create --title "feat: add X" --body "..." --draft
gh pr create --base main --reviewer alice,bob --label "needs-review"
# Merge
gh pr merge 123 --squash --delete-branch
gh pr merge 123 --auto --squash # merge once CI passes
# Review & comment
gh pr review 123 --approve
gh pr review 123 --request-changes --body "Please fix X"
gh pr comment 123 --body "LGTM"
gh pr comment 123 --edit-last --body "Updated: LGTM"
# CI status
gh pr checks 123
gh pr checks 123 --watch # stream until complete
# Edit
gh pr edit 123 --add-label "bug" --add-reviewer charlie
gh pr edit 123 --base develop --title "Updated title"
# Other
gh pr checkout 123
gh pr diff 123
gh pr revert 123 --title "revert: undo X"
gh pr ready 123 # mark draft as ready
```
## Issues
```bash
# List
gh issue list
gh issue list --assignee @me --state open
gh issue list --label "bug" --json number,title,state
# View
gh issue view 456
gh issue view 456 --comments
# Create
gh issue create --title "Bug: X fails" --body "Steps..." --label "bug" --assignee @me
# Manage
gh issue edit 456 --add-label "priority" --milestone "v2.0"
gh issue close 456
gh issue reopen 456
gh issue comment 456 --body "Fixed in #123"
gh issue develop 456 --name "fix/issue-456" # create linked branch
```
## CI / Actions
```bash
# List runs
gh run list
gh run list --branch main --status failure --limit 5
gh run list --workflow build.yml --json name,status,conclusion,headBranch
# View a run
gh run view 12345678
gh run view 12345678 --verbose # all job steps
gh run view 12345678 --log-failed # logs for failed steps only
gh run view 12345678 --log # full log
gh run view 12345678 --exit-status # non-zero exit if failed (scripts)
# Get job IDs (required for --job flag)
gh run view 12345678 --json jobs --jq '.jobs[] | {name, databaseId}'
gh run view 12345678 --job 98765432
# Watch live
gh run watch 12345678
# Rerun
gh run rerun 12345678
gh run rerun 12345678 --failed # only failed jobs
gh run rerun 12345678 --debug # with debug logging
# Trigger workflow_dispatch
gh workflow run deploy.yml --ref main
gh workflow run deploy.yml -f env=staging -f version=1.2.3
# List workflows
gh workflow list
gh workflow view build.yml
```
## Releases
```bash
# Create
gh release create v1.2.3 --generate-notes
gh release create v1.2.3 --title "v1.2.3" --notes "Fixes #123" dist/*.tar.gz
gh release create v1.2.3 --draft --prerelease
gh release create v1.2.3 --notes-from-tag # use annotated tag message
# List / view
gh release list
gh release view v1.2.3
# Upload asset to existing release
gh release upload v1.2.3 dist/binary.tar.gz
```
## Repository
```bash
# View
gh repo view
gh repo view owner/repo --json name,description,defaultBranchRef,isPrivate
# Clone / fork
gh repo clone owner/repo
gh repo fork owner/repo --clone
# Create
gh repo create my-project --private --clone
gh repo create my-project --public --source=. --push
# Edit settings
gh repo edit --default-branch main --enable-auto-merge
gh repo edit --description "New description" --homepage "https://example.com"
# Cross-repo flag (works on most commands)
gh pr list -R owner/other-repo
```
## Search
```bash
# Repositories
gh search repos "nix config" --language nix --stars ">100" --sort stars
# Issues and PRs across GitHub
gh search issues "memory leak" --repo owner/repo --state open
gh search prs "fix authentication" --author alice --merged
gh search prs --repo owner/repo --checks failure --state open # failing CI
# Code (legacy engine - use gh api for regex)
gh search code "sops.placeholder" --repo owner/repo --language nix
```
## Raw API (escape hatch)
Placeholders `{owner}`, `{repo}`, `{branch}` are replaced from current git context. Default method is GET; switches to POST when parameters are added.
```bash
# GET with jq
gh api repos/{owner}/{repo}/actions/runs \
--jq '.workflow_runs[:5] | .[] | {name, conclusion, html_url}'
# Paginate all results
gh api repos/{owner}/{repo}/issues --paginate --jq '.[].title'
# PATCH / POST
gh api repos/{owner}/{repo}/issues/456 -X PATCH -F state=closed
gh api repos/{owner}/{repo}/labels -F name="triage" -F color="e4e669"
# Typed fields (-F): true/false/null/integers become JSON types; @file reads file
gh api repos/{owner}/{repo}/issues -F title="Bug" -F body=@issue.md
# GraphQL
gh api graphql -f query='{ viewer { login } }'
# Notifications
gh api notifications --jq '.[] | {reason, subject: .subject.title}'
```
## JSON Output Pattern
Most commands accept `--json fields` with optional `--jq expression`:
```bash
# Named fields only
gh pr list --json number,title,state,headRefName
gh run list --json name,status,conclusion,headBranch,createdAt
# Filter inline
gh pr list --json number,title,statusCheckRollup \
--jq '.[] | select(.statusCheckRollup | any(.state == "FAILURE")) | .number'
# Check mergeability
gh pr view 123 --json mergeable,mergeStateStatus
# Combine with jq outside gh for complex transforms
gh issue list --json number,title,labels | jq '.[] | select(.labels | any(.name == "bug"))'
```
## Status & Auth
```bash
gh status # cross-repo overview: assigned PRs, review requests, mentions
gh auth status # active account, token scopes, expiry
gh auth token # print current token
```Related Skills
prose-style-reference
Extended writing reference for documentation and content creation. Load for blog posts, READMEs, technical guides, and long-form writing.
llm-security
Security guidelines for LLM applications based on OWASP Top 10 for LLM 2025. Use when building LLM apps, reviewing AI security, implementing RAG systems, or asking about LLM vulnerabilities like 'prompt injection' or 'check LLM security'. IMPORTANT: Always consult this skill when building chatbots, AI agents, RAG pipelines, tool-using LLMs, agentic systems, or any application that calls an LLM API (OpenAI, Anthropic, Gemini, etc.) — even if the user doesn't explicitly mention security. Also use when users import 'openai', 'anthropic', 'langchain', 'llamaindex', or similar LLM libraries.
writing-clearly-and-concisely
Core writing rules for clear, concise prose. Load when writing any text a human will read.
meet-the-agents
Registry of available specialist agents and their task domains. Load when delegating a task, selecting an agent, or unsure which agent to use.
code-security
Security guidelines for writing secure code. Use when writing code, reviewing code for vulnerabilities, or asking about secure coding practices like 'check for SQL injection' or 'review security'. IMPORTANT: Always consult this skill when writing or reviewing any code that handles user input, authentication, file operations, database queries, network requests, cryptography, or infrastructure configuration (Terraform, Kubernetes, Docker, GitHub Actions) — even if the user doesn't explicitly mention security. Also use when users ask to 'review my code', 'check this for bugs', or 'is this safe'.
semgrep
Run Semgrep static analysis scans and create custom detection rules. Use when asked to scan code with Semgrep, find security vulnerabilities, write custom YAML rules, or detect specific bug patterns. IMPORTANT: Also use this skill when users ask to 'scan for bugs', 'check code quality', 'find vulnerabilities', 'static analysis', 'lint for security', 'audit this code', or want to enforce coding standards — even if they don't mention Semgrep by name. Semgrep is the right tool for pattern-based code scanning across 30+ languages.
workspace-surface-audit
Audit the active repo, MCP servers, plugins, connectors, env surfaces, and harness setup, then recommend the highest-value ECC-native skills, hooks, agents, and operator workflows. Use when the user wants help setting up Claude Code or understanding what capabilities are actually available in their environment.
ui-demo
Record polished UI demo videos using Playwright. Use when the user asks to create a demo, walkthrough, screen recording, or tutorial video of a web application. Produces WebM videos with visible cursor, natural pacing, and professional feel.
token-budget-advisor
Offers the user an informed choice about how much response depth to consume before answering. Use this skill when the user explicitly wants to control response length, depth, or token budget. TRIGGER when: "token budget", "token count", "token usage", "token limit", "response length", "answer depth", "short version", "brief answer", "detailed answer", "exhaustive answer", "respuesta corta vs larga", "cuántos tokens", "ahorrar tokens", "responde al 50%", "dame la versión corta", "quiero controlar cuánto usas", or clear variants where the user is explicitly asking to control answer size or depth. DO NOT TRIGGER when: user has already specified a level in the current session (maintain it), the request is clearly a one-word answer, or "token" refers to auth/session/payment tokens rather than response size.
skill-comply
Visualize whether skills, rules, and agent definitions are actually followed — auto-generates scenarios at 3 prompt strictness levels, runs agents, classifies behavioral sequences, and reports compliance rates with full tool call timelines
santa-method
Multi-agent adversarial verification with convergence loop. Two independent review agents must both pass before output ships.
safety-guard
Use this skill to prevent destructive operations when working on production systems or running agents autonomously.