feat: add shared/gh-skill.md workflow for gh skill install

[Copilot]

Summary

Adds a new shared agentic workflow shared/gh-skill.md that installs GitHub agent skills using gh skill install as pre-agent-steps, making skills available to the AI agent before it starts.

Changes

.github/workflows/shared/gh-skill.md (new file)

A shared workflow that:

• Accepts a required skills array via import-schema
• Accepts an optional github-token input for authenticating skill downloads; falls back to the built-in GITHUB_TOKEN
• Accepts an optional upstream boolean input (default true) — passes --upstream to gh skill install by default; set to false to skip the upstream update
• Passes --allow-hidden-dirs and --force to every gh skill install call by default
• Logs gh --version in a collapsible group before any gh skill install call for visibility and debugging
• Adds pre-agent-steps that run gh skill install for each skill before the agent executes
• Supports three skill formats:
  • owner/repo — installs all skills from the repository
  • owner/repo/skill-name — installs a specific skill (latest, with --upstream)
  • owner/repo/skill-name@ref — the @ref suffix is parsed out and passed as --pin ref to pin to a specific tag, branch, or SHA
• The active engine is determined automatically from the compiler-injected GH_AW_ENGINE_ID job-level env var — no engine input required

pkg/workflow/compiler_main_job.go (updated)

• The compiler now injects GH_AW_ENGINE_ID as a job-level env var on the agent job, set at compile time from EngineConfig.ID / AI. This makes the engine identity available to pre-agent-steps without requiring an explicit user input.

pkg/cli/integration/smoke-gh-skill.md (new file)

• A dedicated integration test workflow (stored in pkg/cli/integration/) that imports shared/gh-skill.md (installs github/awesome-copilot/dependabot) and asks the Copilot agent to verify the skill was correctly installed before execution.

Engine → agent mapping

The engine is read from $GH_AW_ENGINE_ID (injected by the compiler):

GH_AW_ENGINE_ID value	gh skill --agent value
copilot (default)	github-copilot
claude	claude-code
codex	codex
gemini	gemini-cli
opencode	opencode

Usage

engine: copilot
imports:
  - uses: shared/gh-skill.md
    with:
      skills:
        - github/awesome-copilot/documentation-writer
        - github/awesome-copilot/code-review@v1.2.0

No engine: input is needed in the with: block — the compiler automatically sets GH_AW_ENGINE_ID on the job from the workflow's engine: field.

To opt out of the upstream update:

imports:
  - uses: shared/gh-skill.md
    with:
      upstream: false
      skills:
        - github/awesome-copilot/documentation-writer

For private skill repositories, pass a token explicitly:

imports:
  - uses: shared/gh-skill.md
    with:
      github-token: ${{ secrets.MY_SKILLS_TOKEN }}
      skills:
        - my-org/private-skills/my-skill

Security Review

New secrets used:

• GITHUB_TOKEN — built-in default fallback (always available)
• Custom token via the github-token input — user-supplied, optional

No internal organization secrets are hardcoded. No new third-party actions or containers are introduced.

Requirements

• GitHub CLI v2.90.0+ (for gh skill support, available on standard GitHub-hosted runners since April 2026)

[pelikhan]

@copilot not internal secrets, use input instead

[Copilot]

Fixed in 281778b — replaced the internal secrets with a token import-schema input (optional, falls back to built-in GITHUB_TOKEN). Users pass their own token via token: ${{ secrets.MY_TOKEN }}.

[pelikhan]

@copilo no AI_AGENT env. there should be an input with the gh-aw engine of that gets mapped to the gh skill agent names.

[Copilot]

Fixed in 281778b — added an engine import-schema input that maps gh-aw engine names to gh skill --agent values:

engine input	--agent value
copilot (default)	github-copilot
claude	claude-code
codex	codex
gemini	gemini-cli
opencode	opencode

Usage:

engine: claude
imports:
  - uses: shared/gh-skill.md
    with:
      engine: claude
      skills:
        - github/awesome-copilot/documentation-writer

[github-actions]

Hey @Copilot 👋 — great work adding the shared/gh-skill.md workflow! The implementation is clean and well-documented, the skill-format table is a nice touch, and the token precedence chain mirrors the established pattern from shared/apm.md. The PR description is thorough and the security review section is appreciated.

One thing that would strengthen this before merge:

• Add tests — the new pre-agent-steps shell logic (skill parsing, the owner/repo vs owner/repo/skill-name vs owner/repo/skill-name@version branching, the empty-skills guard) isn't covered by any test file. Adding at least a unit/integration test for the parsing logic and the error path (count=0 guard) would give reviewers confidence that edge cases are handled correctly.

If you'd like a hand, you can assign this prompt to your coding agent:

Add tests for the shared/gh-skill.md workflow's shell parsing logic.
Specifically, cover these scenarios in the appropriate test location for this project (check existing test patterns in the repo):
1. A skill entry in `owner/repo` format → should call `gh skill install <repo> --agent <agent>` (no skill-part argument).
2. A skill entry in `owner/repo/skill-name` format → should call `gh skill install <repo> <skill-name> --agent <agent>`.
3. A skill entry in `owner/repo/skill-name@version` format → should call `gh skill install <repo> <skill-name@version> --agent <agent>`.
4. An empty skills array → should exit 1 with the expected error message.
5. AI_AGENT env var unset → should default to `github-copilot`.

Generated by Contribution Check · ● 507.1K · ◷

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw MONzJQqdddo5 (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv -main/dist/index.js (http block)
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[pelikhan]

@copilot

• enable --upstream by default and add input to turn off
• assume input refs are its
  _ref like string (repo/path@ref) , parse out and add support to --pin ...

[Copilot]

@copilot

• enable --upstream by default and add input to turn off...

Done in 27f3d27:

• --upstream by default: added upstream boolean input (default true). --upstream is passed unless upstream: false is set in the with: block.
• --pin support: the @ref suffix in owner/repo/skill-name@ref is now parsed out and passed as --pin ref to gh skill install. Any git ref (tag, branch, SHA) is accepted.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• cli.github.com
  • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)
• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw MCbs4eFSr6he (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw Bx/iD6lbIev81Oixapi (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[pelikhan]

@copilot rename token: to github-token:

[Copilot]

@copilot rename token: to github-token:

Done in 14d6793 — renamed token to github-token throughout the import-schema, env block, and docs.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw AeBv0vDMrHdb (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[pelikhan]

@copilot

• use --allow-hidden-dirs and --force by default
• update smoke-copilot and import github/awesome-copilot dependabot skill

[pelikhan]

@copilot the compiler should populate the variable with the selected engine id or use a job level env var with the engine id

[Copilot]

Done in c6136e8. The compiler now injects GH_AW_ENGINE_ID as a job-level env var (set from EngineConfig.ID / AI at compile time — e.g. GH_AW_ENGINE_ID: copilot). The engine import-schema input has been removed from shared/gh-skill.md; the shell script reads ${GH_AW_ENGINE_ID:-copilot} directly from the environment.

[Copilot]

@copilot

• use --allow-hidden-dirs and --force by default...

Done in 69e5f49:

• --allow-hidden-dirs and --force are now passed by default on every gh skill install call in shared/gh-skill.md.
• smoke-copilot.md now imports shared/gh-skill.md and installs github/awesome-copilot/dependabot before the agent runs.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw 10eZsr7x5rnx (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw n33gvDIqhZBhH097-C (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv ithub/workflows ^remote\..*\.gh-resolved$ iew.lock.yml l (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv ithub/workflows rev-parse ock.yml (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv ithub/workflows latest /usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv xterm-color -goversion arian.lock.yml -c=4 -nolocalimports -importcfg infocmp -1 xterm-color erena-mcp-server:latest n-advisor.lock.yml (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv ithub/workflows (http block)
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv ithub/workflows -f $name) { hasDiscussionsEnabled } } -f owner=github DiscussionsEnablgraphql git -C ithub/workflows rev-parse ock.yml (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch /home/REDACTED/worremote.origin.url config r: $owner, name: $name) { hasDiscussionsEnabled } } remote.origin.urgit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch /home/REDACTED/worremote.origin.url show r: $owner, name: $name) { hasDiscussionsEnabled } } (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[github-actions]

⚠️ Smoke Crush failed. Crush encountered unexpected challenges...

[github-actions]

🚀 Smoke OpenCode MISSION COMPLETE! OpenCode delivered. 🔥

[github-actions]

⚠️ Smoke Gemini failed. Gemini encountered unexpected challenges...

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[pelikhan]

@copilot add code to log the gh version before calling.
Remove from smoke-copilot, but add a integration test workflow

[github-actions]

Agent Container Tool Check

Tool	Status	Version
bash	✅	5.2.21
sh	✅	available
git	✅	2.53.0
jq	✅	1.7
yq	✅	4.52.5
curl	✅	8.5.0
gh	✅	2.89.0
node	✅	22.22.2
python3	✅	3.10.16 (PyPy 7.3.19)
go	✅	1.24.13
java	✅	10.0.201
dotnet	✅	10.0.201

Result: 12/12 tools available ✅

Overall Status: PASS

🔧 Tool validation by Agent Container Smoke Test · ● 166.1K · ◷

[github-actions]

Smoke Test Codex: FAIL
PRs: #29198 refactor: use map[T]struct{} for set semantics instead of map[T]bool; #29200 [log] Add debug logging to 5 pkg/ files for better troubleshooting visibility
✅ GitHub MCP, Serena, Playwright, file write, bash, build
❌ Web Fetch MCP unavailable
❌ Comment memory files missing

Warning

Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

• ab.chatgpt.com
• chatgpt.com

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "ab.chatgpt.com"
    - "chatgpt.com"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex · ◷

[github-actions]

Commit pushed: 96d121d

Generated by Changeset Generator

[github-actions]

Smoke Test Results — Run 25138536105

Test	Status
1 GitHub MCP (merged PRs)	✅
2 MCP Scripts GH CLI	✅
3 Serena MCP	✅
4 Make Build	✅
5 Playwright	✅
6 Tavily Search	✅
7 File Write	✅
8 Bash Verify	✅
9 Discussion Comment	✅
10 Agentic Workflows MCP	❌ Tool error
11 Slack Safe Output	✅
12 Code Scanning Alert	✅
13 Update PR	✅
14 PR Review Comments	✅
15 Submit PR Review	✅
16 Resolve Thread	⚠️ Skipped
17 Add Reviewer	✅
18 Push to Branch	✅
19 Close Test PR	⚠️ Skipped

Overall: PARTIAL — 16 ✅, 1 ❌ (AW MCP status error), 2 ⚠️ skipped

💥 [THE END] — Illustrated by Smoke Claude · ● 243.1K · ◷

[github-actions]

💥 Automated smoke test review - all systems nominal! This PR adds shared/gh-skill.md for installing agent skills via gh skill install. The implementation looks solid with proper engine mapping and upstream flag support.

💥 [THE END] — Illustrated by Smoke Claude · ● 243.1K

[github-actions]

The import-schema block is well-structured with clear descriptions for each field. The skills array type is correctly defined as required.

Consider adding a default for engine in the schema (e.g., default: copilot) to make the default explicit in documentation. 🔍

[github-actions]

The shared/gh-skill.md import looks good! The dependabot skill from github/awesome-copilot is a sensible smoke test dependency. This validates the entire gh skill install pipeline in CI. 🎯

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw -pack /home/REDACTED/work/gh-aw/gh-aw/cmd/gh-aw/main.go (http block)
  • Triggering command: /usr/bin/gh gh repo view --json owner,name --jq .owner.login + "/" + .name 64/pkg/tool/linux_amd64/link -f owner=github DiscussionsEnabl--git-dir 64/pkg/tool/linux_amd64/link imag�� 4058709652 mcp/context7 64/pkg/tool/linux_amd64/compile nore (http block)
• https://api.github.com/orgs/test-owner/actions/secrets
  • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name h ../../../.prettierignore (http block)
• https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
  • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv $name) { has--get git /usr/bin/git 0606/001/stabiligit show ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo /usr/bin/git 645854909/.githunode rev-parse ck git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv --noprofile git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv --noprofile git /usr/bin/git --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/gh git rev-�� --show-toplevel gh /usr/bin/git /repos/github/ghnode --jq /usr/bin/git git (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v3
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv --show-toplevel bash /usr/bin/git ithub/workflows (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel bash /usr/bin/git git rev-�� --show-toplevel git .cfg l_request_branchgit node /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel /bin/sh /usr/bin/infocmp--show-toplevel git rev-�� --show-toplevel infocmp .cfg xterm-color git /usr/bin/git git (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v5
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv /home/REDACTED/work/gh-aw/gh-aw/.github/workflows config k/gh-aw/gh-aw/actions/node_modules/.bin/sh remote.origin.urinfocmp (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel /usr/bin/gh /usr/bin/git sRemoteWithRealGtr sRemoteWithRealG\n e_modules/.bin/n: git rev-�� --show-toplevel /usr/bin/gh /usr/bin/git 1703-10206/test-git -f ache/go/1.25.8/x--show-toplevel git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel /usr/lib/git-core/git /usr/bin/git --objects (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv get --local ock.yml http.https://gitgit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv get --local yml http.https://gitinfocmp (http block)
• https://api.github.com/repos/actions/github-script/git/ref/tags/v8
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/infocmp /home/REDACTED/worgit on ache/go/1.25.8/x--oneline infocmp -1 xterm-color ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/infocmp --show-toplevel git /usr/bin/git infocmp -1 xterm-color git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/infocmp --show-toplevel git /usr/bin/gh infocmp -1 xterm-color gh (http block)
• https://api.github.com/repos/actions/github-script/git/ref/tags/v9
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv copilot/add-shared-agentic-workflow-gh-skill^{coremote.origin.url (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv ithub/workflows (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv n-sa1 > /dev/null && debian-sa1 1 1 (http block)
• https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel x_amd64/vet /usr/bin/infocmp '**/*.ts' '**/*.git -f /usr/bin/infocmp--show-toplevel infocmp -1 xterm-color infocmp /usr/bin/git 53/001/test-inligit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git-receive-packrev-parse /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel ache/node/24.14.rev-parse /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --noprofile git /home/REDACTED/.config/composer/vendor/bin/bash --show-toplevel git /usr/bin/git bash --no�� --noprofile git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv /tmp/gh-aw-test-runs/20260429-231703-10206/test-4240015765/.github/workflows config /usr/bin/git remote.origin.urgit h843249193/001' kflows/ai-modera--show-toplevel git conf�� --get remote.origin.url /usr/bin/git 01 (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel x_amd64/vet /usr/bin/infocmp '**/*.ts' '**/*.git config ode infocmp -1 xterm-color git /usr/bin/git k/gh-aw/gh-aw/.ggit show 64/bin/node git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git 64/pkg/tool/linux_amd64/compile --show-toplevel git /usr/bin/git 64/pkg/tool/linux_amd64/compile rev-�� --show-toplevel git /usr/bin/git --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/git git (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv get --local n-dir/bash http.https://gitgit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv ithub/workflows/ai-moderator.md (http block)
• https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv ErrorFormatting1613403855/001 --jq .cfg h ../../../.pretgit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel bash /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/gh git (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch --local --get r: $owner, name: $name) { hasDiscussionsEnabled } } (http block)
• https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/gh '**/*.ts' '**/*.git show er: String!, $na--show-toplevel gh run download 1 /usr/bin/git test-logs/run-1 (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel git 3618732/b455/vet.cfg uest|push_to_pulgit git sv git rev-�� --show-toplevel git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet --show-toplevel git /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --noprofile git 6818646/b461/vet.cfg --show-toplevel git /usr/bin/git bash --no�� --noprofile git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet --show-toplevel git /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
• https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv ithub-script/git/ref/tags/v9 ache/go/1.25.8/xscripts/**/*.js bject.type] | @tsv 214849776/001' 214849776/001' /usr/local/sbin/--show-toplevel git rev-�� --show-toplevel iptables om/myorg/repo.git w/js/**/*.json' git security (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel erignore /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel infocmp /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv -t security tnet/tools/bash -nxv git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel x_amd64/vet /usr/bin/git git (http block)
• https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv ons-test3907517996 bpk7_zl--6VS /usr/bin/git h ../../../.pretgit (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel erignore /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv -t security nfig/composer/vendor/bin/bash OUTPUT -d 168.63.129.16 git rev-�� --show-toplevel conntrack /usr/bin/git INVALID,NEW -j DROP git (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs
  • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --limit 100 --created >=2026-04-22 (http block)
  • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --limit 100 --created >=2026-03-30 (http block)
  • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --limit 100 --created >=2026-01-29 owner=github -f git 1/x6�� /home/REDACTED/work/gh-aw/gh-aw/.github/workflows config tartedAt,updatedAt,event,headBranch,headSha,displayTitle remote.origin.urgit (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name show tions/setup/js/node_modules/.bin/prettier (http block)
  • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name config (http block)
  • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 itbranch_with_hyphen126782810/002/work /usr/bin/gh l owner=github -f /usr/bin/gh api ithout_min-integrity4014347165/001 -f kflows/test-project-url-default.lock.yml -f owner=github -f git (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name show /usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 show 1/x64/bin/sh (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name rev-parse er: String!, $name: String!) { repository(owne../../../.prettierignore (http block)
  • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 config /usr/bin/infocmp remote.origin.urgit (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name -f kflows/smoke-copilot-arm.lock.yml -f owner=github -f git -C mpiledOutput2216--limit rev-parse /usr/bin/infocmp--created (http block)
  • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 show /usr/bin/git (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name config /usr/bin/gh remote.origin.ur/usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 rev-parse ode (http block)
• https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
  • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name mLsRemoteWithRealGitbranch_with_hyphen126782810/001' /usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 (http block)
• https://api.github.com/repos/github/gh-aw/actions/workflows
  • Triggering command: /usr/bin/gh gh workflow list --json name,state,path h ../../../.prettierignore (http block)
  • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
  • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 (http block)
• https://api.github.com/repos/github/gh-aw/contents/.github/workflows/shared/reporting.md
  • Triggering command: /tmp/go-build1677946078/b404/cli.test /tmp/go-build1677946078/b404/cli.test -test.testlogfile=/tmp/go-build1677946078/b404/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel erignore /usr/bin/git SameOutput301104git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel e/git-remote-httrev-parse /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel bash /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git /usr/bin/git git /usr/bin/git git (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv k/gh-aw/gh-aw/.github/workflows show 1/x64/bin/node l (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel node /usr/bin/git /home/REDACTED/worgit bash /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv k/gh-aw/gh-aw/.g-errorsas conntrack /usr/bin/git l -j DiscussionsEnabl/tmp/TestHashConsistency_GoAndJavaScript4149907753/001/test-inlined-imports-enabled-with-env-template-expressions-in-body.md git rev-�� on' --ignore-path ../../../.pret.prettierignore (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv --noprofile (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows erena-mcp-server:latest ./gh-aw (http block)
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv --noprofile (http block)
• https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
  • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv /home/REDACTED/work/gh-aw/gh-aw/.github/workflows config 64/pkg/tool/linux_amd64/vet nore ler_yaml.go 1/x64/bin/bash 64/pkg/tool/linux_amd64/vet ache�� /home/REDACTED/work/gh-aw/gh-aw/.gremote.origin.url rev-parse k/gh-aw/gh-aw/node_modules/.bin/sh (http block)
  • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git (http block)
  • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git heckout/git/ref//tmp/go-build2296321242/b001/workflow.test git bject.type] | @t-test.paniconexit0 git (http block)
• https://api.github.com/repos/nonexistent/repo/actions/runs/12345
  • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion remote.origin.ur/opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet ler_yaml_main_jo-atomic 64/bin/git git -C /home/REDACTED/wor-errorsas show 64/pkg/tool/linu-nilfunc nore (http block)
• https://api.github.com/repos/owner/repo/actions/workflows
  • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo yml (http block)
  • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo /usr/local/bin/iptables (http block)
  • Triggering command: /usr/bin/gh gh workflow list --repo owner/repo --json name,path,state rgo/bin/bash \|skill install smoke-copilot.lorev-parse DiscussionsEnabl--show-toplevel git -C agent-performance-analyzer.md rev-parse ache/node/24.14.1/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/nodexterm-color low-gh-skill^{cogh (http block)
• https://api.github.com/repos/test-owner/test-repo/actions/secrets
  • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name h ../../../.prettierignore (http block)
• https://api.github.com/repos/test/repo
  • Triggering command: /usr/bin/gh gh api /repos/test/repo --jq .default_branch rity2468231670/001 (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

@copilot add code to log the gh version before calling.
Remove from smoke-copilot, but add a integration test workflow

Done in 5a233ab:

• shared/gh-skill.md now runs gh --version inside a collapsible ::group:: block before any gh skill install calls.
• Removed the shared/gh-skill.md import from smoke-copilot.md.
• Added .github/workflows/smoke-gh-skill.md — a dedicated integration test workflow that imports shared/gh-skill.md (installs github/awesome-copilot/dependabot) and then asks the Copilot agent to verify the skill was installed correctly.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw /tmp/go-build2440787848/b001/importcfg -pack /tmp/go-build2440787848/b001/_testmain.go (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv low-gh-skill^{commit} (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv low-gh-skill^{coremote.origin.url (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv low-gh-skill^{coremote.origin.url (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[pelikhan]

@copilot move . github/workflows/smoke-gh-skill.md to pkg/cli/integraiton

[Copilot]

@copilot move . github/workflows/smoke-gh-skill.md to pkg/cli/integraiton

Done in 50b286b — smoke-gh-skill.md has been moved to pkg/cli/integration/smoke-gh-skill.md and the old .github/workflows/smoke-gh-skill.md (and its compiled .lock.yml) have been removed.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .default_branch (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[pelikhan]

@copilot merge main and recompile