gh-actions-validator
Automatically validates and enforces GitHub Actions best practices for Vertex AI and Google Cloud deployments. Expert in Workload Identity Federation (WIF), Vertex AI Agent Engine deployment pipelines, security validation, and CI/CD automation. Triggers: "create github actions", "deploy vertex ai", "setup wif", "validate github workflow", "gcp deployment pipeline"
80
72%
Does it follow best practices?
Impact
100%
1.78xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./backups/skills-batch-20251204-000554/plugins/devops/jeremy-github-actions-gcp/skills/gh-actions-validator/SKILL.mdEvaluation results
100%
Deploy AI Chatbot to Google Cloud
WIF authentication and OIDC permissions
No credentials_json
100%
100%
WIF provider param
100%
100%
WIF service_account param
100%
100%
id-token write permission
100%
100%
contents read permission
100%
100%
Correct auth action version
100%
100%
Path-based trigger
100%
100%
workflow_dispatch trigger
100%
100%
Deployment notes explain WIF
100%
100%
Notes reject JSON keys
100%
100%
100%
93%Vertex AI Agent Configuration Validator
Vertex AI agent config validation
Allowed model names
0%
100%
Code exec TTL range
0%
100%
Sandbox type SECURE_ISOLATED
0%
100%
Timeout range
28%
100%
Memory max_memories threshold
0%
100%
Memory indexing enabled
0%
100%
Memory auto_cleanup enabled
0%
100%
Model Armor required
0%
100%
VPC config required
0%
100%
min_instances >= 1
0%
100%
max_instances >= 3
0%
100%
Clear error messages
0%
100%
Passing config validates
100%
100%
100%
39%GCP Security Audit Pipeline
Security scanning and IAM validation workflow
TruffleHog secrets scan
0%
100%
Trivy vulnerability scan
100%
100%
SA key file detection
30%
100%
credentials_json grep check
0%
100%
IAM owner/editor check
100%
100%
PR and push trigger
100%
100%
No credentials_json in new workflow
100%
100%
Trivy SARIF output
0%
100%
Security policy documents checks
100%
100%
Fail-fast on violations
100%
100%
- Commit
c8a915c
- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.