@sentry/junior-github 0.29.0 → 0.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/{skills/github/README.md → SETUP.md} +9 -10
  2. package/package.json +3 -2
  3. package/skills/github-code/SKILL.md +88 -0
  4. package/skills/github-code/references/api-surface.md +51 -0
  5. package/skills/{github → github-code}/references/troubleshooting-workarounds.md +14 -17
  6. package/skills/github-issues/SKILL.md +90 -0
  7. package/skills/github-issues/references/api-surface.md +44 -0
  8. package/skills/github-issues/references/issue-bug.md +43 -0
  9. package/skills/{github → github-issues}/references/issue-examples.md +22 -1
  10. package/skills/github-issues/references/issue-feature.md +37 -0
  11. package/skills/github-issues/references/issue-quality-checklist.md +25 -0
  12. package/skills/github-issues/references/issue-task.md +36 -0
  13. package/skills/{github → github-issues}/references/research-rules.md +4 -4
  14. package/skills/github-issues/references/troubleshooting-workarounds.md +21 -0
  15. package/skills/github/SKILL.md +0 -173
  16. package/skills/github/references/api-surface.md +0 -71
  17. package/skills/github/references/common-use-cases.md +0 -99
  18. package/skills/github/references/issue-quality-checklist.md +0 -40
  19. package/skills/github/references/issue-template-bug.md +0 -37
  20. package/skills/github/references/issue-template-feature.md +0 -36
  21. package/skills/github/references/issue-template-task.md +0 -35
  22. package/skills/github/references/issue-type-bug.md +0 -30
  23. package/skills/github/references/issue-type-feature.md +0 -27
  24. package/skills/github/references/issue-type-task.md +0 -25
  25. package/skills/github/references/sandbox-runtime.md +0 -17
package/{skills/github/README.md → SETUP.md} RENAMED
@@ -1,6 +1,6 @@
1
- # github setup
1
+ # GitHub plugin setup
2
2
 
3
- This skill uses host-issued GitHub App installation tokens.
3
+ This plugin exposes two skills — `github-code` (clone, source-code investigation, pull requests) and `github-issues` (issue workflows) — both authenticated via host-issued GitHub App installation tokens.
4
4
 
5
5
  ## 1) Create/install GitHub App
6
6
 
@@ -61,13 +61,13 @@ Repeat for `preview` and `development` as needed. After env changes, redeploy so
61
61
 
62
62
  ## 3) Runtime behavior
63
63
 
64
- - When the GitHub skill is active, authenticated `gh` and `git` commands cause the runtime to inject GitHub credentials automatically for the current turn.
64
+ - When either GitHub skill is active, authenticated `gh` and `git` commands cause the runtime to inject GitHub credentials automatically for the current turn.
65
65
  - Issued credentials are reused only within the current turn.
66
66
  - Sandbox does not receive raw tokens via env; host applies Authorization header transforms for GitHub API calls.
67
67
 
68
68
  ## 4) CLI usage
69
69
 
70
- Run as a regular sandbox `bash` command while this skill is active:
70
+ Run as a regular sandbox `bash` command while the relevant skill is active:
71
71
 
72
72
  Clone a repository with a shallow checkout by default:
73
73
 
@@ -82,8 +82,7 @@ git -C repo fetch --depth=50 origin
82
82
  git -C repo fetch --unshallow
83
83
  ```
84
84
 
85
- GitHub operations still require the GitHub skill, but the runtime injects
86
- credentials automatically when the skill is active:
85
+ GitHub operations still require a GitHub skill to be active; the runtime injects credentials automatically when one is loaded:
87
86
 
88
87
  ```bash
89
88
  gh issue create --repo owner/repo --title "Example issue" --body-file /vercel/sandbox/tmp/issue.md
@@ -92,7 +91,7 @@ gh issue create --repo owner/repo --title "Example issue" --body-file /vercel/sa
92
91
  `gh` supports either direct `GITHUB_TOKEN` (for local debugging) or sandbox-level header injection.
93
92
  The runtime uses `github.issues.read` for read-only issue commands, `github.issues.write` for issue edits, comments, and labels, `github.contents.write` for pushes and merge operations, and `github.pull-requests.write` for PR mutations after the branch is already on the remote.
94
93
 
95
- GitHub capability scoping is a safety rail, not a hard sandbox boundary. It helps prevent accidental write scope and wrong-repo mutations, and the host runtime still decides when to mint credentials. Credential injection is skill-scoped: load the active GitHub skill first, keep repo context explicit, and let the runtime choose the required capability for the command.
94
+ GitHub capability scoping is a safety rail, not a hard sandbox boundary. It helps prevent accidental write scope and wrong-repo mutations, and the host runtime still decides when to mint credentials. Credential injection is skill-scoped: load the relevant GitHub skill first, keep repo context explicit, and let the runtime choose the required capability for the command.
96
95
 
97
96
  Be careful with mixed-surface PR commands:
98
97
 
@@ -131,10 +130,10 @@ jr-rpc config set github.repo getsentry/junior
131
130
  - `GITHUB_INSTALLATION_ID`
132
131
  2. Confirm the GitHub App is installed on your test repo with the permissions above.
133
132
  3. Deploy `main` to prod.
134
- 4. Run `/github` to create an issue in a safe test repo.
133
+ 4. Exercise `github-issues` to create an issue in a safe test repo.
135
134
  5. Verify the issue is authored by the GitHub App identity.
136
- 6. Run `/github` to update title/body, add/remove labels, and add a comment.
137
- 7. Push a test branch and run `/github` to create a draft PR using explicit repo targeting and `--head`.
135
+ 6. Exercise `github-issues` to update title/body, add/remove labels, and add a comment.
136
+ 7. Push a test branch and exercise `github-code` to create a draft PR using explicit repo targeting and `--head`.
138
137
  8. Verify all mutations succeed and are attributed to the app.
139
138
  9. Verify GitHub API calls succeed while this skill is active without writing tokens into sandbox env/files.
140
139
  10. Verify raw token values are never printed in output or logs.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sentry/junior-github",
3
- "version": "0.29.0",
3
+ "version": "0.31.0",
4
4
  "private": false,
5
5
  "publishConfig": {
6
6
  "access": "public"
@@ -8,6 +8,7 @@
8
8
  "type": "module",
9
9
  "files": [
10
10
  "plugin.yaml",
11
- "skills"
11
+ "skills",
12
+ "SETUP.md"
12
13
  ]
13
14
  }
package/skills/github-code/SKILL.md ADDED
@@ -0,0 +1,88 @@
1
+ ---
2
+ name: github-code
3
+ description: Clone GitHub repositories, investigate source code, and manage pull requests via GitHub CLI. Use when users ask to inspect implementation details in a repository, clone code, edit files, answer source-code questions from repo evidence, or open/edit/view/merge pull requests. Prefer this skill for repository and code tasks even when the repo concerns Sentry products.
4
+ allowed-tools: bash
5
+ ---
6
+
7
+ # GitHub Code Operations
8
+
9
+ Repository checkout, source-code investigation, and pull request operations via `gh` CLI.
10
+
11
+ ## Reference loading
12
+
13
+ | Operation | Load |
14
+ | ------------- | -------------------------------------------------------------------------------------- |
15
+ | Any operation | [references/api-surface.md](references/api-surface.md) |
16
+ | On failure | [references/troubleshooting-workarounds.md](references/troubleshooting-workarounds.md) |
17
+
18
+ ## Workflow
19
+
20
+ ### 1. Resolve operation and target
21
+
22
+ - Determine whether the task is `clone`, `source-code investigation`, a pull request inspection (`view`, `list`, `diff`, `checks`), or a pull request mutation (`create`, `update`, `close`, `merge`).
23
+ - Resolve repository (`owner/repo`). If not explicit, query channel config with `jr-rpc config get github.repo` before running any `gh` or `git` command. If still missing, ask the user.
24
+ - Resolve the pull request number for operations targeting an existing PR.
25
+ - Keep `--repo owner/repo` explicit on `gh` commands so the command itself targets the intended repository, not a stale default.
26
+
27
+ ### 2. Execute by operation type
28
+
29
+ **Clone** → shallow clone path below.
30
+ **Source-code investigation** → source-code path below.
31
+ **Pull request inspection** → inspection path below.
32
+ **Pull request mutation** → mutation path below.
33
+
34
+ ---
35
+
36
+ ### Clone path
37
+
38
+ - Default to a shallow clone; deepen incrementally only when the task needs history.
39
+ - Use exact command forms from [references/api-surface.md](references/api-surface.md).
40
+ - After cloning, check for `AGENTS.md` in the repo root (and `.github/AGENTS.md`) before making edits. Treat discovered instructions as hard constraints.
41
+ - Report the local directory and whether the clone is shallow or full.
42
+
43
+ ---
44
+
45
+ ### Source-code investigation path
46
+
47
+ - Use for questions like "where is this implemented?", "how does this workflow work in code?", "is there already logic for X?", or "verify this from the repo."
48
+ - If the current workspace already contains the target repository, inspect local files directly before cloning.
49
+ - Prefer the narrowest deterministic evidence: local file search, exact file reads, targeted clone inspection, existing issues/PRs, tests.
50
+ - Cite repository evidence in the reply: file paths, symbols, issue/PR numbers, or commit references when known.
51
+ - If evidence is incomplete, say what is unknown instead of guessing.
52
+
53
+ ---
54
+
55
+ ### Pull request inspection path
56
+
57
+ - Use read-only `gh pr` commands from [references/api-surface.md](references/api-surface.md); skip branch resolution and push logic.
58
+ - Return canonical PR URL, PR number when available, target repository, and the fields the user asked to inspect.
59
+ - If the PR cannot be resolved, report the exact not-found or auth failure and stop.
60
+
61
+ ---
62
+
63
+ ### Pull request mutation path
64
+
65
+ #### 3. Resolve mutation inputs
66
+
67
+ - For PR creation, resolve the base branch (explicit user request wins; otherwise repository default).
68
+ - Resolve the head branch from the current checkout or user request.
69
+ - If the head branch may not exist on the remote yet, push it explicitly before PR creation.
70
+
71
+ #### 4. Execute
72
+
73
+ - Run `git push` first so `gh pr create` does not trigger hidden push/fork behavior; then `gh pr create --repo owner/repo --head BRANCH ...`.
74
+ - If `git push` returns 401/403 or another auth/permission error, verify the command is targeting the right repository and retry once. If it still clearly indicates bad or revoked credentials, rerun the real GitHub command and let the runtime trigger a reconnect flow.
75
+ - Treat `gh pr merge` as a contents mutation and keep repository context explicit.
76
+
77
+ #### 5. Report result
78
+
79
+ - Return canonical PR URL, PR number when available, target repository, and applied changes.
80
+ - If PR creation fails after explicit push + explicit repo scoping, report the exact auth or validation failure and stop.
81
+
82
+ ## Guardrails
83
+
84
+ - Require explicit confirmation only for destructive merges or force operations.
85
+ - Answer source-code questions from repository evidence, not product framing or generic memory.
86
+ - Default to shallow clones; do not use a full clone unless the task requires repository history or the user asks for it.
87
+ - If repository or installation access is missing, stop and return a concrete remediation message.
88
+ - Do not execute repository admin mutations.
package/skills/github-code/references/api-surface.md ADDED
@@ -0,0 +1,51 @@
1
+ # GitHub CLI API Surface — code & pull requests
2
+
3
+ All operations use `gh` CLI. Commands must be deterministic and non-interactive.
4
+
5
+ ## Repo scoping
6
+
7
+ When the user omits `owner/repo`, resolve `github.repo` first with `jr-rpc config get github.repo`, then pass the resolved repo explicitly on the actual `gh` or `git` command.
8
+ Treat explicit repo flags as command-targeting safety rails, not as a credential-scoping mechanism.
9
+
10
+ ## Capability to command mapping
11
+
12
+ | Capability | Commands |
13
+ | ---------------------------- | ------------------------------------------------------------------------------- |
14
+ | `github.contents.read` | `gh repo clone`, `git fetch` |
15
+ | `github.contents.write` | `git push`, `gh api` (create/update file contents), `gh pr merge` |
16
+ | `github.pull-requests.read` | `gh pr view`, `gh pr list`, `gh pr diff`, `gh pr checks` |
17
+ | `github.pull-requests.write` | `gh pr create --head <branch>` after explicit push, `gh pr edit`, `gh pr close` |
18
+
19
+ ## Command matrix
20
+
21
+ | Operation | Command |
22
+ | ---------------------------------- | ----------------------------------------------------------------------------------------- | -------- | ---------- |
23
+ | Clone repository (default shallow) | `gh repo clone owner/repo [DIRECTORY] -- --depth=1` |
24
+ | Deepen shallow clone | `git -C DIRECTORY fetch --depth=N origin` |
25
+ | Convert shallow clone to full | `git -C DIRECTORY fetch --unshallow` |
26
+ | Push branch before PR creation | `git -C DIRECTORY push -u origin BRANCH` |
27
+ | Create pull request | `gh pr create --repo owner/repo --head BRANCH --base BASE --title "..." --body-file PATH` |
28
+ | Update pull request | `gh pr edit NUMBER --repo owner/repo [--title "..."] [--body-file PATH]` |
29
+ | Close pull request | `gh pr close NUMBER --repo owner/repo` |
30
+ | Merge pull request | `gh pr merge NUMBER --repo owner/repo [--merge | --squash | --rebase]` |
31
+ | View pull request | `gh pr view NUMBER --repo owner/repo [--json ...]` |
32
+ | List pull requests | `gh pr list --repo owner/repo [--state open | closed | merged]` |
33
+ | Diff pull request | `gh pr diff NUMBER --repo owner/repo` |
34
+ | Check pull request status | `gh pr checks NUMBER --repo owner/repo` |
35
+
36
+ ## Config helpers
37
+
38
+ ```bash
39
+ jr-rpc config get github.repo
40
+ jr-rpc config set github.repo owner/repo
41
+ ```
42
+
43
+ ## Behavior notes
44
+
45
+ - Prefer `--json` output for machine-readable parsing where available.
46
+ - Pass extra `git clone` flags after `--` (e.g. `gh repo clone owner/repo -- --depth=1`).
47
+ - Before `gh pr create`, push the head branch explicitly, then use `--head` so `gh` does not trigger hidden push/fork behavior. That push requires GitHub write access to the remote.
48
+ - If the explicit `git push` fails with 401/403 or another auth/permission error, verify the repo context and retry once. If the error still clearly indicates bad credentials, rerun the real GitHub command and let the runtime trigger a reconnect flow.
49
+ - `gh pr edit` is not a single-permission command: title/body/base/reviewer changes fit `github.pull-requests.write`; label, assignee, milestone changes fit `github.issues.write` (use the `github-issues` skill); project flags are outside the current GitHub App capability model.
50
+ - `gh pr close --comment` may need `github.issues.write` (use `github-issues`); `gh pr close --delete-branch` needs `github.contents.write`.
51
+ - Return actionable errors for auth, permission, not-found, and validation failures.
package/skills/{github → github-code}/references/troubleshooting-workarounds.md RENAMED
@@ -1,23 +1,20 @@
1
- # GitHub CLI Troubleshooting
1
+ # GitHub CLI Troubleshooting — code & pull requests
2
2
 
3
3
  Use this table to recover quickly while keeping operations deterministic.
4
4
 
5
- | Symptom | Likely cause | Fix |
6
- | ------------------------------------------------------------------------------- | --------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
7
- | `unknown command "issue"` from `gh` | CLI version too old or wrong binary. | Verify `gh --version`; ensure GitHub CLI from `gh-cli` repo is installed. |
8
- | `unknown flag: --depth` from `gh repo clone` | `git clone` flags were passed before `--`. | Pass clone flags after `--`, for example `gh repo clone owner/repo -- --depth=1`. |
9
- | `Missing required option --repo` | Repo not passed and no default was resolved. | Resolve with `jr-rpc config get github.repo`; pass `--repo owner/repo` explicitly when missing. |
10
- | GitHub command affects or authenticates against the wrong repo | Stale `github.repo` default or authenticated command missing explicit repo. | Pass `--repo owner/repo` to the `gh` command for the target repository, or update `github.repo` before retrying. |
11
- | `GraphQL: Could not resolve to a Repository` | Repo slug is wrong or inaccessible. | Validate `owner/repo` and confirm app installation on target repository. |
12
- | 401 Unauthorized | Repo context is missing, stale, or the stored GitHub auth needs reconnect. | Verify `--repo owner/repo` or `github.repo`, then retry the real command once so the runtime can reconnect automatically when needed. |
13
- | `git push` fails with 401/403 or auth/permission output | Write auth was stale or the command is targeting the wrong repo. | Verify the remote and repo context, retry the same push once, then confirm app permissions and installation scope if the retry still fails. |
14
- | 403 Forbidden | App lacks required permission on repo or install scope is too narrow. | Verify the repo context, then confirm GitHub App permissions and installation scope. |
15
- | 404 Not Found | Issue number or repo is wrong. | Validate repo + issue ID with `gh issue view NUMBER --repo owner/repo`. |
16
- | `gh pr create` fails with auth/permission errors or tries to push interactively | The branch was not pushed first, or repo context is wrong. | Push the branch explicitly first, then rerun `gh pr create --repo owner/repo --head BRANCH ...`. |
17
- | `git blame`, long log history, or old commits are missing after clone | Repo was cloned shallow by design. | Deepen incrementally with `git -C DIRECTORY fetch --depth=N origin`, or use `git -C DIRECTORY fetch --unshallow` when full history is required. |
18
- | `sandbox setup failed (dnf install gh failed ...)` | `gh` package not available in default repos. | Configure/install from GitHub RPM repo (`gh-cli`) in sandbox dependency bootstrap, then retry. |
19
- | `gh issue edit` does not change labels | Wrong flag usage or wrong repo context. | Use repeated `--add-label/--remove-label` flags and keep `--repo owner/repo` explicit. |
20
- | Comment command fails with empty body | Body file missing/empty. | Ensure comment file exists and has content before `gh issue comment`. |
5
+ | Symptom | Likely cause | Fix |
6
+ | ------------------------------------------------------------------------------- | --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
7
+ | `unknown command "..."` from `gh` | CLI version too old or wrong binary in the plugin runtime. | Verify `gh --version`; if it is unavailable or too old, report that the GitHub plugin runtime dependency is not available. |
8
+ | `unknown flag: --depth` from `gh repo clone` | `git clone` flags were passed before `--`. | Pass clone flags after `--`, for example `gh repo clone owner/repo -- --depth=1`. |
9
+ | `Missing required option --repo` | Repo not passed and no default was resolved. | Resolve with `jr-rpc config get github.repo`; pass `--repo owner/repo` explicitly when missing. |
10
+ | Command affects or authenticates against the wrong repo | Stale `github.repo` default or authenticated command missing explicit repo. | Pass `--repo owner/repo` for the target repository, or update `github.repo` before retrying. |
11
+ | `GraphQL: Could not resolve to a Repository` | Repo slug is wrong or inaccessible. | Validate `owner/repo` and confirm app installation on target repository. |
12
+ | 401 Unauthorized | Repo context is missing, stale, or the stored GitHub auth needs reconnect. | Verify `--repo owner/repo` or `github.repo`, then retry the real command once so the runtime can reconnect automatically when needed. |
13
+ | `git push` fails with 401/403 or auth/permission output | Write auth was stale or the command is targeting the wrong repo. | Verify the remote and repo context, retry the same push once, then confirm app permissions and installation scope if the retry still fails. |
14
+ | 403 Forbidden | App lacks required permission on repo or install scope is too narrow. | Verify the repo context, then confirm GitHub App permissions and installation scope. |
15
+ | `gh pr create` fails with auth/permission errors or tries to push interactively | The branch was not pushed first, or repo context is wrong. | Push the branch explicitly first, then rerun `gh pr create --repo owner/repo --head BRANCH ...`. |
16
+ | `git blame`, long log history, or old commits are missing after clone | Repo was cloned shallow by design. | Deepen incrementally with `git -C DIRECTORY fetch --depth=N origin`, or `git -C DIRECTORY fetch --unshallow` when full history is required. |
17
+ | `sandbox setup failed (dnf install gh failed ...)` | `gh` package not available from the plugin runtime dependency bootstrap. | Report the plugin runtime bootstrap failure; do not try to repair package installation from the skill workflow. |
21
18
 
22
19
  ## Retry guidance
23
20
 
package/skills/github-issues/SKILL.md ADDED
@@ -0,0 +1,90 @@
1
+ ---
2
+ name: github-issues
3
+ description: Create, update, comment on, label, and inspect GitHub issues via GitHub CLI with concise, evidence-backed content. Use when users ask to open, edit, view, close, reopen, or triage GitHub issues — including tracking bugs, features, or tasks. Prefer this skill over generic repository tools for any issue operation.
4
+ allowed-tools: bash
5
+ ---
6
+
7
+ # GitHub Issue Operations
8
+
9
+ Issue create, update, comment, label, state, and inspection via `gh` CLI.
10
+
11
+ ## Reference loading
12
+
13
+ | Operation | Load |
14
+ | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
15
+ | Any operation | [references/api-surface.md](references/api-surface.md) |
16
+ | `issue create`, `issue body rewrite` | [references/issue-examples.md](references/issue-examples.md), the matching type-specific guide ([issue-bug.md](references/issue-bug.md), [issue-feature.md](references/issue-feature.md), [issue-task.md](references/issue-task.md)), and [references/research-rules.md](references/research-rules.md) |
17
+ | On failure | [references/troubleshooting-workarounds.md](references/troubleshooting-workarounds.md) |
18
+
19
+ ## Workflow
20
+
21
+ ### 1. Resolve operation and target
22
+
23
+ - Determine whether the task is `create`, `update`, `comment`, `labels`, `state`, or read-only inspection.
24
+ - Resolve repository (`owner/repo`). If not explicit, query channel config with `jr-rpc config get github.repo` before running any `gh` command. If still missing, ask the user.
25
+ - Resolve the issue number for non-create operations.
26
+ - Keep `--repo owner/repo` explicit on `gh` commands so the command itself targets the intended repository, not a stale default.
27
+
28
+ ### 2. Classify issue type
29
+
30
+ - Use explicit user type when provided (`bug`, `feature`, `task`).
31
+ - Otherwise infer from intent:
32
+ - `bug`: broken behavior, regression, error, failure.
33
+ - `feature`: net-new capability or behavioral expansion.
34
+ - `task`: maintenance, cleanup, docs, refactor, operational chore.
35
+ - Default to `task` when uncertain.
36
+
37
+ ### 3. Draft issue content
38
+
39
+ Load the type-specific guide:
40
+
41
+ | Type | Guide |
42
+ | --------- | ---------------------------------------------------------- |
43
+ | `bug` | [references/issue-bug.md](references/issue-bug.md) |
44
+ | `feature` | [references/issue-feature.md](references/issue-feature.md) |
45
+ | `task` | [references/issue-task.md](references/issue-task.md) |
46
+
47
+ Follow [references/research-rules.md](references/research-rules.md) for cross-type research standards. Use [references/issue-examples.md](references/issue-examples.md) to calibrate structure and depth.
48
+
49
+ **Hard constraints — apply to every new issue:**
50
+
51
+ - Title ≤ 60 characters. Descriptive for bugs, imperative for tasks/features.
52
+ - Summary ≤ 3 sentences. Do not restate the title in the body.
53
+ - Prefer flat bullet lists over headed sections for simple issues. Remove empty sections.
54
+ - Generalize session framing — strip channel references, slash commands, Slack thread IDs, user @mentions, and transcript fragments; replace with the underlying technical problem.
55
+ - Compress source material. Research notes, hypotheses, or transcripts become a short summary + scoped bullets — never paste raw investigation into the body.
56
+ - Do not add desired outcome, expected behavior, or acceptance criteria unless the thread explicitly requests them.
57
+ - When the request originated from a Slack thread or any on-behalf-of context, append a final line `Action taken on behalf of <name>.` using the action requester's real name. The action requester is the current `<requester>` or the person who explicitly asked you to create/update the issue, not necessarily the original reporter.
58
+
59
+ **Attribution:**
60
+
61
+ - Mention who raised the issue when clear from the thread. If the reporter differs from the action requester, keep them separate with durable body text such as `Reported by Alice.` or `Raised by Alice during incident triage.`
62
+ - Attach screenshots from the thread as image links when present.
63
+ - Include code snippets, related issues, and related PRs only when they materially improve the issue.
64
+
65
+ ### 4. Verify draft
66
+
67
+ Before running the `gh` create/edit command, check each gate. If any fails, revise and re-check before executing:
68
+
69
+ - Title length ≤ 60 characters.
70
+ - Delegated-action footer is the last line when applicable, using the action requester's real name, not the reporter's name unless they are the same person.
71
+ - No session framing remains (channel refs, slash commands, @mentions, Slack thread IDs).
72
+ - Body structure matches complexity — no empty sections, no restated title, no raw research dump.
73
+
74
+ Run [references/issue-quality-checklist.md](references/issue-quality-checklist.md) for holistic soft-signal review when the draft warrants it.
75
+
76
+ ### 5. Execute
77
+
78
+ - Use `gh issue` commands from [references/api-surface.md](references/api-surface.md).
79
+ - Check duplicates silently before creating a new issue.
80
+
81
+ ### 6. Report result
82
+
83
+ - Return canonical issue URL, issue number, issue type, and applied changes.
84
+
85
+ ## Guardrails
86
+
87
+ - Require explicit confirmation only for close/reopen or destructive broad rewrites.
88
+ - Do not overwrite issue fields unless explicitly requested. Prefer partial updates over full body replacement.
89
+ - For `bug` issues, do not present a fix as definitive unless root-cause evidence is explicit.
90
+ - If repository or installation access is missing, stop and return a concrete remediation message.
package/skills/github-issues/references/api-surface.md ADDED
@@ -0,0 +1,44 @@
1
+ # GitHub CLI API Surface — issues
2
+
3
+ All operations use `gh` CLI. Commands must be deterministic and non-interactive.
4
+
5
+ ## Repo scoping
6
+
7
+ When the user omits `owner/repo`, resolve `github.repo` first with `jr-rpc config get github.repo`, then pass the resolved repo explicitly on the actual `gh` command.
8
+ Treat explicit repo flags as command-targeting safety rails, not as a credential-scoping mechanism.
9
+
10
+ ## Capability to command mapping
11
+
12
+ | Capability | Commands |
13
+ | --------------------- | ------------------------------------------------------------------------------------------- |
14
+ | `github.issues.read` | `gh issue view`, `gh api /repos/.../comments` |
15
+ | `github.issues.write` | `gh issue create`, `gh issue edit`, `gh issue comment`, `gh issue close`, `gh issue reopen` |
16
+
17
+ ## Command matrix
18
+
19
+ | Operation | Command |
20
+ | ------------------- | ------------------------------------------------------------------------------------------------------------- |
21
+ | Create issue | `gh issue create --repo owner/repo --title "..." --body-file PATH` |
22
+ | Update issue fields | `gh issue edit NUMBER --repo owner/repo [--title "..."] [--body-file PATH]` |
23
+ | Close issue | `gh issue close NUMBER --repo owner/repo [--comment "..."]` |
24
+ | Reopen issue | `gh issue reopen NUMBER --repo owner/repo` |
25
+ | Add labels | `gh issue edit NUMBER --repo owner/repo --add-label LABEL [--add-label LABEL2]` |
26
+ | Remove labels | `gh issue edit NUMBER --repo owner/repo --remove-label LABEL [--remove-label LABEL2]` |
27
+ | Add comment | `gh issue comment NUMBER --repo owner/repo --body-file PATH` |
28
+ | Read issue | `gh issue view NUMBER --repo owner/repo --json number,title,state,labels,assignees,author,url,body` |
29
+ | Read comments | `gh api /repos/owner/repo/issues/NUMBER/comments --method GET --header "Accept: application/vnd.github+json"` |
30
+
31
+ ## Config helpers
32
+
33
+ ```bash
34
+ jr-rpc config get github.repo
35
+ jr-rpc config set github.repo owner/repo
36
+ ```
37
+
38
+ ## Behavior notes
39
+
40
+ - Prefer `--json` output for machine-readable parsing where available.
41
+ - Use `gh api` for endpoints not fully covered by `gh issue` subcommands.
42
+ - For automation, always fully specify `gh issue create` with `--title` and `--body` or `--body-file`; never rely on interactive prompts.
43
+ - Keep `--repo owner/repo` explicit when working across repositories.
44
+ - Return actionable errors for auth, permission, not-found, and validation failures.
package/skills/github-issues/references/issue-bug.md ADDED
@@ -0,0 +1,43 @@
1
+ # Bug Issue Guide
2
+
3
+ Load when issue type is `bug`. Cross-type rules (title length, delegated footer, generalization, compression) live in `SKILL.md` § Draft issue content.
4
+
5
+ ## Primary goal
6
+
7
+ Produce a high-signal bug issue that drives root-cause discovery, not premature solutioning.
8
+
9
+ ## Shape
10
+
11
+ A few bullets often suffice. Use headed sections only when complexity demands them.
12
+
13
+ **Summary** — up to 3 sentences describing the failure and its impact. Short descriptive title (e.g. "OAuth token refresh fails in long-running operations").
14
+
15
+ **Suggested sections (use only what fits):**
16
+
17
+ - **Root cause** — technical explanation with code snippets if relevant
18
+ - **Reproduction** — numbered steps any developer can follow independently
19
+ - **Expected behavior** — include only when the thread explicitly states what should happen
20
+ - **Workaround** — current mitigation if one exists
21
+
22
+ For simple bugs, skip sections and use flat bullet lists.
23
+
24
+ ## Research guidance
25
+
26
+ Research informs what goes in the issue, not how structured it looks.
27
+
28
+ 1. Capture concrete evidence: reproducible steps or explicit non-repro statement, exact error or symptom, impacted surface and scope.
29
+ 2. Build a timeline with exact dates when known.
30
+ 3. Separate verified facts from unknowns — label each explicitly.
31
+ 4. Form root-cause hypotheses linked to evidence, with confidence (`high`, `medium`, `low`).
32
+
33
+ Include fix suggestions only when the thread discusses fixes. Do not present a fix as certain without explicit evidence.
34
+
35
+ ## Context generalization
36
+
37
+ Before (session-specific):
38
+
39
+ > @alice ran `/github create` in #ops-alerts and saw "token refresh failed" when the OAuth token expired mid-thread
40
+
41
+ After (generalized):
42
+
43
+ > OAuth token refresh fails during long-running operations, producing "token refresh failed" errors
package/skills/{github → github-issues}/references/issue-examples.md RENAMED
@@ -69,6 +69,26 @@ Good scope — quantified and specific:
69
69
  >
70
70
  > Action taken on behalf of Jane Doe.
71
71
 
72
+ ## Distinct reporter/requester example
73
+
74
+ Bad attribution:
75
+
76
+ > The bot resolved the review thread even though the warning still applies.
77
+ >
78
+ > Action taken on behalf of Bojan Oro.
79
+
80
+ Good attribution:
81
+
82
+ > Warden can resolve its own review thread even when the underlying warning still appears valid and the PR remains blocked.
83
+ >
84
+ > Reported by Bojan Oro.
85
+ >
86
+ > - Observed on a PR where Warden left a review comment about a missing backport
87
+ > - The review thread was later marked resolved by the bot
88
+ > - The PR still showed a blocking warning
89
+ >
90
+ > Action taken on behalf of David Cramer.
91
+
72
92
  ## Feature example
73
93
 
74
94
  Bad framing:
@@ -111,5 +131,6 @@ Good framing — current state, gap, options:
111
131
  - Confident fix claims without root-cause evidence
112
132
  - Speculative detail mixed into verified facts
113
133
  - Dumping a list of URLs without inline context
114
- - Session-specific content (user names, slash commands, channel references)
134
+ - Session-specific content (slash commands, channel references, raw transcript framing, or unrelated user chatter)
135
+ - Conflating reporter and action requester when they differ
115
136
  - Missing delegated attribution footer on user-requested issue creation
package/skills/github-issues/references/issue-feature.md ADDED
@@ -0,0 +1,37 @@
1
+ # Feature Issue Guide
2
+
3
+ Load when issue type is `feature`. Cross-type rules (title length, delegated footer, generalization, compression) live in `SKILL.md` § Draft issue content.
4
+
5
+ ## Primary goal
6
+
7
+ Propose an intentional improvement with clear current-state analysis and practical options.
8
+
9
+ ## Shape
10
+
11
+ A flat bullet list is fine for simple features. Use headed sections only when tradeoffs need detailed framing.
12
+
13
+ **Summary** — up to 3 sentences describing the improvement. Short imperative title (e.g. "Support SAML SSO for enterprise orgs").
14
+
15
+ **Suggested sections (use only what fits):**
16
+
17
+ - **Current behavior** — how the system works today
18
+ - **Gap** — why current behavior is insufficient, with concrete impact
19
+ - **Options** — viable approaches with tradeoffs (include only when the thread discusses alternatives)
20
+
21
+ For simple features, skip sections and use flat bullets describing the gap and desired capability.
22
+
23
+ ## Research guidance
24
+
25
+ 1. Analyze current behavior and why it's insufficient.
26
+ 2. Gather prior art when available — include links and what each proves. If none found, omit rather than stating "none found."
27
+ 3. Frame options with tradeoffs when the thread discusses alternatives.
28
+
29
+ ## Context generalization
30
+
31
+ Before (session-specific):
32
+
33
+ > @carol mentioned in the standup thread that she has to manually restart the worker every time the config changes
34
+
35
+ After (generalized):
36
+
37
+ > Workers do not pick up config changes without a restart, requiring manual intervention
package/skills/github-issues/references/issue-quality-checklist.md ADDED
@@ -0,0 +1,25 @@
1
+ # Issue Quality Checklist
2
+
3
+ Soft-signal review beyond the hard gates in `SKILL.md` § Verify draft. Use when the draft is non-trivial or the stakes warrant extra care.
4
+
5
+ ## Content signals
6
+
7
+ - Summary is short and clear.
8
+ - Analysis depth matches the issue type.
9
+ - Verified claims have inline sources (file paths, PR/issue numbers, doc links).
10
+ - Timeline statements use exact dates when known.
11
+ - Confidence is explicit when certainty is low.
12
+ - Concerns are included only when material, not speculatively.
13
+ - Unknowns are called out, not guessed.
14
+
15
+ ## Anti-patterns to avoid
16
+
17
+ - Overlong, sprawling bodies with no clear sections.
18
+ - Confident solution claims that are weakly evidenced.
19
+ - Speculative detail mixed into verified sections.
20
+
21
+ ## External guidance
22
+
23
+ - GitHub docs, creating and structuring issues: https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/creating-an-issue
24
+ - Stack Overflow, minimal reproducible example standard: https://stackoverflow.com/help/minimal-reproducible-example
25
+ - Mozilla Bugzilla, bug writing guidance: https://bugzilla.mozilla.org/page.cgi?id=bug-writing.html
package/skills/github-issues/references/issue-task.md ADDED
@@ -0,0 +1,36 @@
1
+ # Task Issue Guide
2
+
3
+ Load when issue type is `task`. Cross-type rules (title length, delegated footer, generalization, compression) live in `SKILL.md` § Draft issue content.
4
+
5
+ ## Primary goal
6
+
7
+ Create a concise execution ticket for maintenance, cleanup, docs, refactors, or operational chores.
8
+
9
+ ## Shape
10
+
11
+ A task can be just a title + 2-3 bullets. Use headed sections only when scope is complex.
12
+
13
+ **Summary** — up to 3 sentences describing the task. Short imperative title (e.g. "Remove deprecated legacyAuth middleware").
14
+
15
+ **Suggested sections (use only when complexity warrants):**
16
+
17
+ - **Background** — why this task exists, with code snippets if relevant
18
+ - **Scope** — what's included and excluded, quantify when possible
19
+
20
+ For simple tasks, skip sections and use flat bullets for scope and next step.
21
+
22
+ ## Research guidance
23
+
24
+ - Minimal research by default. Prefer first-party repository context when available.
25
+ - Include implementation steps only when the thread discusses approach. Otherwise, state the goal and scope.
26
+ - Include dependencies or risks only when material.
27
+
28
+ ## Context generalization
29
+
30
+ Before (session-specific):
31
+
32
+ > @bob asked in #eng-chat to clean up the unused `legacyAuth` middleware that he noticed while reviewing PR #312
33
+
34
+ After (generalized):
35
+
36
+ > Remove unused `legacyAuth` middleware to reduce maintenance surface
package/skills/{github → github-issues}/references/research-rules.md RENAMED
@@ -1,10 +1,10 @@
1
1
  # Research and Verification Rules
2
2
 
3
- Use this file for cross-type rules. Then apply the matching type-specific file:
3
+ Cross-type research standards. Apply alongside the matching type-specific guide:
4
4
 
5
- - `bug`: [issue-type-bug.md](issue-type-bug.md)
6
- - `feature`: [issue-type-feature.md](issue-type-feature.md)
7
- - `task`: [issue-type-task.md](issue-type-task.md)
5
+ - `bug`: [issue-bug.md](issue-bug.md)
6
+ - `feature`: [issue-feature.md](issue-feature.md)
7
+ - `task`: [issue-task.md](issue-task.md)
8
8
 
9
9
  ## Source Priority
10
10
 
package/skills/github-issues/references/troubleshooting-workarounds.md ADDED
@@ -0,0 +1,21 @@
1
+ # GitHub CLI Troubleshooting — issues
2
+
3
+ Use this table to recover quickly while keeping operations deterministic.
4
+
5
+ | Symptom | Likely cause | Fix |
6
+ | ------------------------------------------------------- | --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
7
+ | `unknown command "issue"` from `gh` | CLI version too old or wrong binary in the plugin runtime. | Verify `gh --version`; if it is unavailable or too old, report that the GitHub plugin runtime dependency is not available. |
8
+ | `Missing required option --repo` | Repo not passed and no default was resolved. | Resolve with `jr-rpc config get github.repo`; pass `--repo owner/repo` explicitly when missing. |
9
+ | Command affects or authenticates against the wrong repo | Stale `github.repo` default or authenticated command missing explicit repo. | Pass `--repo owner/repo` for the target repository, or update `github.repo` before retrying. |
10
+ | `GraphQL: Could not resolve to a Repository` | Repo slug is wrong or inaccessible. | Validate `owner/repo` and confirm app installation on target repository. |
11
+ | 401 Unauthorized | Repo context is missing, stale, or the stored GitHub auth needs reconnect. | Verify `--repo owner/repo` or `github.repo`, then retry the real command once so the runtime can reconnect automatically when needed. |
12
+ | 403 Forbidden | App lacks required permission on repo or install scope is too narrow. | Verify the repo context, then confirm GitHub App permissions and installation scope. |
13
+ | 404 Not Found | Issue number or repo is wrong. | Validate repo + issue ID with `gh issue view NUMBER --repo owner/repo`. |
14
+ | `gh issue edit` does not change labels | Wrong flag usage or wrong repo context. | Use repeated `--add-label/--remove-label` flags and keep `--repo owner/repo` explicit. |
15
+ | Comment command fails with empty body | Body file missing/empty. | Ensure comment file exists and has content before `gh issue comment`. |
16
+
17
+ ## Retry guidance
18
+
19
+ - Retry once for transient auth/transport failures after verifying repo context.
20
+ - Do not loop retries on repeated 401/403/404 validation errors.
21
+ - For persistent permission problems, return explicit remediation and stop.
package/skills/github/SKILL.md DELETED
@@ -1,173 +0,0 @@
1
- ---
2
- name: github
3
- description: Manage GitHub issue workflows, source-code investigation, pull request operations, repository checkout, and implicit GitHub credentials via GitHub CLI with concise, evidence-backed content. Use when users ask to inspect implementation details in a repository, clone code, edit files, answer source-code questions from repo evidence, open/edit/view pull requests, or open/edit/inspect GitHub issues. Prefer this skill for repository and code tasks even when the repo concerns Sentry products.
4
- uses-config: github.repo
5
- allowed-tools: bash
6
- ---
7
-
8
- # GitHub Operations
9
-
10
- Issue workflows, pull request operations, and repository checkout via `gh` CLI.
11
-
12
- ## Reference loading
13
-
14
- Load references conditionally based on the operation:
15
-
16
- | Operation | Load |
17
- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
18
- | Any operation | [references/api-surface.md](references/api-surface.md) |
19
- | `clone`, `pull request create` | [references/common-use-cases.md](references/common-use-cases.md) |
20
- | `source-code investigation` | [references/research-rules.md](references/research-rules.md) |
21
- | `issue create`, `issue body rewrite` | [references/issue-examples.md](references/issue-examples.md), the matching type-specific template and type-specific rules, and [references/research-rules.md](references/research-rules.md) |
22
- | On failure | [references/troubleshooting-workarounds.md](references/troubleshooting-workarounds.md) |
23
-
24
- ## Workflow
25
-
26
- ### 1. Resolve operation and target
27
-
28
- - Determine whether the task is `clone`, `source-code investigation`, an issue operation (`create`, `update`, `comment`, `labels`, `state`, or read-only inspection), a pull request inspection (`view`, `list`, `diff`, or `checks`), or a pull request mutation (`create`, `update`, `close`, or `merge`).
29
- - Resolve repository (`owner/repo`). If it is not explicit, query channel config with `jr-rpc config get github.repo` before running any `gh` or `git` command.
30
- - If config exists and is valid `owner/repo`, use it as the default and still pass it explicitly on subsequent `gh` commands instead of relying on ambient CLI context.
31
- - If repository is still missing, ask the user for `owner/repo`.
32
- - Resolve the issue number for non-create issue operations.
33
- - Resolve the pull request number for pull request operations that target an existing PR.
34
- - Keep `owner/repo` explicit on `gh` commands whenever the task targets a specific repository. This keeps the command pointed at the right repo and avoids accidental cross-repo mutations. Do not rely on a stale `github.repo` default when hopping between repos.
35
-
36
- ### 2. Execute by operation type
37
-
38
- **Clone** → Follow the clone path below.
39
- **Source-code investigation** → Follow the source-code path below.
40
- **Issue operation** → Follow the issue path below.
41
- **Pull request inspection** → Follow the pull request inspection path below.
42
- **Pull request mutation** → Follow the pull request mutation path below.
43
-
44
- ---
45
-
46
- ### Clone path
47
-
48
- - Default to a shallow clone.
49
- - Use exact command forms from [references/api-surface.md](references/api-surface.md) or [references/common-use-cases.md](references/common-use-cases.md).
50
- - Deepen incrementally only when the task needs repository history.
51
- - After cloning, check for `AGENTS.md` in the repo root (and `.github/AGENTS.md`) before making edits. Treat discovered instructions as hard constraints.
52
- - Report the local directory and whether the clone is shallow or full.
53
-
54
- ---
55
-
56
- ### Source-code investigation path
57
-
58
- - Use this path for questions like "where is this implemented?", "how does this workflow work in code?", "is there already logic for X?", or "verify this from the repo."
59
- - Resolve repository (`owner/repo`). If the current workspace already contains the target repository, inspect local files directly before cloning anything.
60
- - If you need repository access outside the current workspace, keep `owner/repo` explicit on the authenticated command so the command itself targets the correct repository.
61
- - Default to a shallow clone when you need a fresh checkout; deepen only if the question truly needs history.
62
- - Prefer the narrowest deterministic evidence that answers the question: local file search, exact file reads, targeted clone inspection, existing issues/PRs, and tests.
63
- - Cite repository evidence in the reply: file paths, symbols, issue/PR numbers, or commit references when known.
64
- - If the available evidence is incomplete, say what is unknown instead of guessing.
65
-
66
- ---
67
-
68
- ### Issue path
69
-
70
- #### 3. Classify issue type
71
-
72
- - Use explicit user type when provided (`bug`, `feature`, `task`).
73
- - Otherwise infer from intent:
74
- - `bug`: broken behavior, regression, error, failure.
75
- - `feature`: net-new capability or behavioral expansion.
76
- - `task`: maintenance, cleanup, docs, refactor, operational chore.
77
- - Default to `task` when uncertain.
78
-
79
- #### 4. Draft issue content
80
-
81
- Load the type-specific template and rules:
82
-
83
- | Type | Template | Research rules |
84
- | --------- | ---------------------------------------------------------------------------- | -------------------------------------------------------------------- |
85
- | `bug` | [references/issue-template-bug.md](references/issue-template-bug.md) | [references/issue-type-bug.md](references/issue-type-bug.md) |
86
- | `feature` | [references/issue-template-feature.md](references/issue-template-feature.md) | [references/issue-type-feature.md](references/issue-type-feature.md) |
87
- | `task` | [references/issue-template-task.md](references/issue-template-task.md) | [references/issue-type-task.md](references/issue-type-task.md) |
88
-
89
- Follow [references/research-rules.md](references/research-rules.md) for cross-type research standards.
90
-
91
- - Use a short descriptive title for bugs, short imperative title for tasks and features.
92
- - Mention who raised the issue when clear from the thread.
93
- - Attach screenshots from the thread as image links when present.
94
- - Prefer flat bullet lists over headed sections for simple issues.
95
- - Do not add desired outcome or expected behavior unless the thread explicitly states one.
96
- - Generalize conversation context: replace channel references, slash-command invocations, and session-specific fragments with the underlying technical problem.
97
- - Use [references/issue-examples.md](references/issue-examples.md) to calibrate structure and depth.
98
- - Include code snippets, related issues, and related PRs only when they materially improve the issue.
99
-
100
- #### 5. Execute operation
101
-
102
- - Use fully specified, non-interactive `gh` commands from [references/api-surface.md](references/api-surface.md).
103
- - Use [references/common-use-cases.md](references/common-use-cases.md) only when you need a concrete command pattern.
104
- - Check duplicates silently before creating a new issue. Only mention duplicates when relevant matches are actually found.
105
- - Treat GitHub auth as plugin-owned and turn-scoped. The skill determines whether GitHub credentials are available for the turn; explicit repo flags are still for command correctness and mutation safety.
106
-
107
- #### 6. Report result
108
-
109
- - Return canonical issue URL, issue number, issue type, applied changes, and confidence.
110
- - Include references used for verified claims.
111
- - Keep routine issue-creation steps silent. Do not post progress chatter about duplicate checks, drafting, credential issuance, or command execution before the final result.
112
- - Never mention silent duplicate checking in the final reply unless you actually found a relevant duplicate that changed the outcome.
113
- - If duplicate checking found no relevant matches, omit that fact entirely and report only the created issue, for example `Created issue #123: ...`, not `No duplicates found. Creating the issue now.`
114
-
115
- ---
116
-
117
- ### Pull request inspection path
118
-
119
- #### 3. Execute inspection
120
-
121
- - Use exact read-only `gh pr` commands from [references/api-surface.md](references/api-surface.md).
122
- - Skip branch resolution and push logic for inspection-only work.
123
-
124
- #### 4. Report result
125
-
126
- - Return canonical PR URL, PR number when available, target repository, and the fields the user asked to inspect.
127
- - If the requested PR cannot be resolved, report the exact not-found or auth failure and stop.
128
-
129
- ---
130
-
131
- ### Pull request mutation path
132
-
133
- #### 3. Resolve mutation inputs
134
-
135
- - For PR creation, resolve the base branch. Use the explicit user request when present; otherwise use the repository default branch.
136
- - For PR creation, resolve the head branch from the current checkout or user request.
137
- - For PR creation, if the current branch may not exist on the remote yet, push it explicitly before PR creation.
138
-
139
- #### 4. Execute pull request operation
140
-
141
- - For PR creation, do not rely on `gh pr create` to push or fork implicitly.
142
- - For PR creation, if the head branch is not already on the remote, run `git push` first. That push step needs GitHub write access for the remote repository.
143
- - If `git push` returns 401, 403, or another auth/permission error, verify the command is still targeting the right repository and retry once. If the error still clearly indicates bad or revoked credentials, rerun the real GitHub command and let the runtime trigger a reconnect flow.
144
- - After the branch exists remotely, run `gh pr create --repo owner/repo --head BRANCH ...`.
145
- - For PR creation, use `--head` so `gh` skips its hidden push/fork flow.
146
- - Treat `gh pr merge` as a contents mutation and keep repository context explicit so the command cannot hit the wrong repository.
147
- - Treat issue comments and label edits as issue mutations and keep repository context explicit on the command.
148
-
149
- #### 5. Report result
150
-
151
- - Return canonical PR URL, PR number when available, target repository, and applied changes.
152
- - If PR creation fails after explicit push + explicit repo scoping, report the exact auth or validation failure and stop.
153
-
154
- ## Guardrails
155
-
156
- ### Execution
157
-
158
- - Execute operations as soon as required fields are available. Do not pause for confirmation unless the user explicitly asks for preview/dry-run.
159
- - Require explicit confirmation only for close/reopen or destructive broad rewrites.
160
- - Do not overwrite issue fields unless explicitly requested. Prefer partial updates over full body replacement.
161
-
162
- ### Quality
163
-
164
- - Never claim verification without citing sources.
165
- - Answer source-code and implementation questions from repository evidence, not product framing or generic memory.
166
- - For `bug` issues, do not present a fix as definitive unless root-cause evidence is explicit.
167
- - If no relevant duplicates are found, continue directly to draft and create the issue, then report the created issue.
168
-
169
- ### Scope
170
-
171
- - Issue workflows, pull request operations, and repository checkout. Do not execute repository admin mutations.
172
- - Default to shallow clones. Do not use a full clone unless the task requires repository history or the user asks for it.
173
- - If repository or installation access is missing, stop and return a concrete remediation message.
package/skills/github/references/api-surface.md DELETED
@@ -1,71 +0,0 @@
1
- # GitHub CLI API Surface
2
-
3
- All operations use `gh` CLI. Commands must be deterministic and non-interactive.
4
-
5
- ## Authentication
6
-
7
- Load the GitHub skill first, then keep `--repo owner/repo` explicit on authenticated `gh` commands unless you intentionally rely on a verified `github.repo` default for the same repository.
8
- When the user omits `owner/repo`, resolve `github.repo` first with `jr-rpc config get github.repo`, then pass the resolved repo explicitly on the actual `gh` command.
9
- The runtime injects GitHub credentials implicitly for the current turn once the GitHub skill is active.
10
- Treat explicit repo flags as command-targeting safety rails that reduce accidental writes and wrong-repo mutations, not as a credential-scoping mechanism.
11
-
12
- ## Capability to command mapping
13
-
14
- | Capability | Commands |
15
- | ---------------------------- | ------------------------------------------------------------------------------------------- |
16
- | `github.contents.read` | `gh repo clone`, `git fetch` |
17
- | `github.contents.write` | `git push`, `gh api` (create/update file contents), `gh pr merge` |
18
- | `github.issues.read` | `gh issue view`, `gh api /repos/.../comments` |
19
- | `github.issues.write` | `gh issue create`, `gh issue edit`, `gh issue comment`, `gh issue close`, `gh issue reopen` |
20
- | `github.pull-requests.read` | `gh pr view`, `gh pr list`, `gh pr diff`, `gh pr checks` |
21
- | `github.pull-requests.write` | `gh pr create --head <branch>` after explicit push, `gh pr edit`, `gh pr close` |
22
-
23
- ## Command matrix
24
-
25
- | Operation | Command |
26
- | ---------------------------------- | ------------------------------------------------------------------------------------------------------------- | -------- | ---------- |
27
- | Clone repository (default shallow) | `gh repo clone owner/repo [DIRECTORY] -- --depth=1` |
28
- | Deepen shallow clone | `git -C DIRECTORY fetch --depth=N origin` |
29
- | Convert shallow clone to full | `git -C DIRECTORY fetch --unshallow` |
30
- | Create issue | `gh issue create --repo owner/repo --title "..." --body-file PATH` |
31
- | Update issue fields | `gh issue edit NUMBER --repo owner/repo [--title "..."] [--body-file PATH]` |
32
- | Close issue | `gh issue close NUMBER --repo owner/repo [--comment "..."]` |
33
- | Reopen issue | `gh issue reopen NUMBER --repo owner/repo` |
34
- | Add labels | `gh issue edit NUMBER --repo owner/repo --add-label LABEL [--add-label LABEL2]` |
35
- | Remove labels | `gh issue edit NUMBER --repo owner/repo --remove-label LABEL [--remove-label LABEL2]` |
36
- | Add comment | `gh issue comment NUMBER --repo owner/repo --body-file PATH` |
37
- | Read issue | `gh issue view NUMBER --repo owner/repo --json number,title,state,labels,assignees,author,url,body` |
38
- | Read comments | `gh api /repos/owner/repo/issues/NUMBER/comments --method GET --header "Accept: application/vnd.github+json"` |
39
- | Push branch before PR creation | `git -C DIRECTORY push -u origin BRANCH` |
40
- | Create pull request | `gh pr create --repo owner/repo --head BRANCH --base BASE --title "..." --body-file PATH` |
41
- | Update pull request | `gh pr edit NUMBER --repo owner/repo [--title "..."] [--body-file PATH]` |
42
- | Close pull request | `gh pr close NUMBER --repo owner/repo` |
43
- | Merge pull request | `gh pr merge NUMBER --repo owner/repo [--merge | --squash | --rebase]` |
44
-
45
- ## Config helpers
46
-
47
- Resolve repo default:
48
-
49
- ```bash
50
- jr-rpc config get github.repo
51
- ```
52
-
53
- Set repo default:
54
-
55
- ```bash
56
- jr-rpc config set github.repo owner/repo
57
- ```
58
-
59
- ## Behavior notes
60
-
61
- - Prefer `--json` output for machine-readable parsing where available.
62
- - Use `gh api` for endpoints not fully covered by `gh issue` subcommands.
63
- - Pass extra `git clone` flags after `--` (e.g. `gh repo clone owner/repo -- --depth=1`).
64
- - For automation, always fully specify `gh issue create` with `--title` and `--body` or `--body-file`; never rely on interactive prompts.
65
- - Before `gh pr create`, push the head branch explicitly, then use `--head` so `gh` does not trigger hidden push/fork behavior.
66
- - That explicit `git push` step requires GitHub write access to the remote repository.
67
- - If that explicit `git push` fails with 401/403 or another auth/permission error, verify the repo context and retry the same push once after clearing stale GitHub auth only when the error explicitly indicates bad credentials.
68
- - Keep `--repo owner/repo` explicit on authenticated GitHub commands when working across repositories.
69
- - `gh pr edit` is not a single-permission command: title/body/base/reviewer changes fit `github.pull-requests.write`, label, assignee, and milestone changes fit `github.issues.write`, and project flags are outside the current GitHub App capability model.
70
- - `gh pr close --comment` may need `github.issues.write`, and `gh pr close --delete-branch` needs `github.contents.write`.
71
- - Return actionable errors for auth, permission, not-found, and validation failures.
package/skills/github/references/common-use-cases.md DELETED
@@ -1,99 +0,0 @@
1
- # Common GitHub CLI Use Cases
2
-
3
- Use these patterns as direct execution playbooks.
4
-
5
- ## 1) Clone a repository for local work
6
-
7
- Default to a shallow clone:
8
-
9
- ```bash
10
- gh repo clone owner/repo -- --depth=1
11
- ```
12
-
13
- Clone into a specific directory:
14
-
15
- ```bash
16
- gh repo clone owner/repo worktree/repo -- --depth=1
17
- ```
18
-
19
- ## 2) Deepen a shallow clone only when needed
20
-
21
- ```bash
22
- git -C worktree/repo fetch --depth=50 origin
23
- ```
24
-
25
- Convert to a full clone:
26
-
27
- ```bash
28
- git -C worktree/repo fetch --unshallow
29
- ```
30
-
31
- ## 3) Create a bug issue
32
-
33
- ```bash
34
- gh issue create --repo owner/repo --title "OAuth token refresh fails in long-running thread" --body-file /vercel/sandbox/tmp/issue.md
35
- ```
36
-
37
- `/vercel/sandbox/tmp/issue.md` should end with:
38
-
39
- ```md
40
- Action taken on behalf of Jane Doe.
41
- ```
42
-
43
- ## 4) Patch issue title/body
44
-
45
- ```bash
46
- gh issue edit 123 --repo owner/repo --title "Clarify retry semantics for lock contention" --body-file /vercel/sandbox/tmp/revised-issue.md
47
- ```
48
-
49
- ## 5) Close or reopen issue
50
-
51
- ```bash
52
- gh issue close 123 --repo owner/repo --comment "Fixed in #456"
53
- ```
54
-
55
- Reopen:
56
-
57
- ```bash
58
- gh issue reopen 123 --repo owner/repo
59
- ```
60
-
61
- ## 6) Add implementation comment
62
-
63
- ```bash
64
- gh issue comment 123 --repo owner/repo --body-file /vercel/sandbox/tmp/comment.md
65
- ```
66
-
67
- ## 7) Apply triage labels
68
-
69
- ```bash
70
- gh issue edit 123 --repo owner/repo --add-label bug --add-label needs-triage
71
- ```
72
-
73
- Remove labels:
74
-
75
- ```bash
76
- gh issue edit 123 --repo owner/repo --remove-label needs-triage
77
- ```
78
-
79
- ## 8) Read issue details before mutation
80
-
81
- ```bash
82
- gh issue view 123 --repo owner/repo --json number,title,state,labels,assignees,author,url,body
83
- ```
84
-
85
- ## 9) Read comment history in JSON
86
-
87
- ```bash
88
- gh api /repos/owner/repo/issues/123/comments --method GET --header "Accept: application/vnd.github+json"
89
- ```
90
-
91
- ## 10) Create a pull request safely in automation
92
-
93
- Push the branch explicitly before creating the PR. This avoids `gh pr create`
94
- trying to push or fork implicitly.
95
-
96
- ```bash
97
- git -C worktree/repo push -u origin BRANCH
98
- gh pr create --repo owner/repo --head BRANCH --base main --title "fix(repo): narrow GitHub repo scoping" --body-file /vercel/sandbox/tmp/pr.md
99
- ```
package/skills/github/references/issue-quality-checklist.md DELETED
@@ -1,40 +0,0 @@
1
- # Issue Quality Checklist
2
-
3
- Run this checklist before create/update mutation.
4
-
5
- ## External Quality Signals
6
-
7
- - Does the issue contain slash commands, channel references, or user names that are not relevant to the issue itself? If so, generalize.
8
- - Is the issue concise and still actionable?
9
- - Are unknowns called out instead of guessed?
10
- - Are concerns included only when material?
11
-
12
- Useful external guidance:
13
-
14
- - GitHub docs, creating and structuring issues: https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/creating-an-issue
15
- - GitHub docs, issue templates: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates
16
- - Stack Overflow, minimal reproducible example standard: https://stackoverflow.com/help/minimal-reproducible-example
17
- - Mozilla Bugzilla, bug writing guidance: https://bugzilla.mozilla.org/page.cgi?id=bug-writing.html
18
-
19
- ## Internal Quality Bar
20
-
21
- - Issue type chosen and stated (`bug`, `feature`, or `task`).
22
- - Title is specific and <= 60 characters. Descriptive for bugs, imperative for tasks/features.
23
- - Summary is short and clear.
24
- - Analysis depth matches the issue type.
25
- - Verified claims have sources.
26
- - Timeline statements use exact dates when known.
27
- - Confidence is explicit when certainty is low.
28
- - Concerns are included only when meaningful.
29
- - Reporter is mentioned when clear from the originating conversation.
30
- - Screenshots from the thread are attached as image links when present.
31
- - No headed sections that could be flat bullets instead.
32
- - No desired outcome or expected behavior section unless the thread explicitly stated one.
33
-
34
- ## Negative Calibration
35
-
36
- Avoid these anti-patterns:
37
-
38
- - Overlong, sprawling issue bodies with no clear sections
39
- - Confident solution claims that are weakly evidenced
40
- - Speculative detail mixed into verified sections
package/skills/github/references/issue-template-bug.md DELETED
@@ -1,37 +0,0 @@
1
- # Bug Issue Template
2
-
3
- Use as a starting structure. A few bullets often suffice — use headed sections only when complexity demands them.
4
-
5
- ## Summary
6
-
7
- Up to 3 sentences describing the failure and its impact. Use a short descriptive title (e.g. "OAuth token refresh fails in long-running operations").
8
-
9
- ## Suggested sections (use only what fits)
10
-
11
- - **Root cause** — technical explanation with code snippets if relevant
12
- - **Reproduction** — numbered steps any developer can follow independently
13
- - **Expected behavior** — include only when the thread explicitly states what should happen
14
- - **Workaround** — current mitigation if one exists
15
-
16
- For simple bugs, skip sections entirely and use flat bullet lists.
17
-
18
- ## Attribution
19
-
20
- - Mention who reported the issue when clear from the originating conversation.
21
- - Attach screenshots from the thread as image links when present.
22
-
23
- ## Delegated action footer
24
-
25
- When creating a new issue on behalf of a user, append a final line:
26
-
27
- `Action taken on behalf of <name>.`
28
-
29
- ## Constraints
30
-
31
- - Title hard max: 60 characters (target 40-60).
32
- - Summary max 3 sentences.
33
- - Remove empty sections. Prefer flat bullets over headed sections for simple bugs.
34
- - Do not add expected behavior or desired outcome unless the thread explicitly states one.
35
- - Do not include acceptance criteria unless explicitly requested.
36
- - Use terse, specific language — no filler, no restating the title in the body.
37
- - Keep the delegated action footer as the last line in the body when applicable.
package/skills/github/references/issue-template-feature.md DELETED
@@ -1,36 +0,0 @@
1
- # Feature Issue Template
2
-
3
- Use as a starting structure. A flat bullet list is fine for simple features — use headed sections only when tradeoffs need detailed framing.
4
-
5
- ## Summary
6
-
7
- Up to 3 sentences describing the improvement. Use a short imperative title (e.g. "Support SAML SSO for enterprise orgs").
8
-
9
- ## Suggested sections (use only what fits)
10
-
11
- - **Current behavior** — how the system works today
12
- - **Gap** — why current behavior is insufficient, with concrete impact
13
- - **Options** — viable approaches with tradeoffs (include only when the thread discusses alternatives)
14
-
15
- For simple features, skip sections and use flat bullets describing the gap and desired capability.
16
-
17
- ## Attribution
18
-
19
- - Mention who raised the request when clear from the originating conversation.
20
- - Attach screenshots from the thread as image links when present.
21
-
22
- ## Delegated action footer
23
-
24
- When creating a new issue on behalf of a user, append a final line:
25
-
26
- `Action taken on behalf of <name>.`
27
-
28
- ## Constraints
29
-
30
- - Title hard max: 60 characters (target 40-60).
31
- - Summary max 3 sentences.
32
- - Remove empty sections. Prefer flat bullets for simple features.
33
- - Do not add desired outcome unless the thread explicitly states one.
34
- - Do not include acceptance criteria unless explicitly requested.
35
- - Use terse, specific language — no filler, no restating the title in the body.
36
- - Keep the delegated action footer as the last line in the body when applicable.
package/skills/github/references/issue-template-task.md DELETED
@@ -1,35 +0,0 @@
1
- # Task Issue Template
2
-
3
- A task can be just a title + 2-3 bullets. Use headed sections only when scope is complex.
4
-
5
- ## Summary
6
-
7
- Up to 3 sentences describing the task. Use a short imperative title (e.g. "Remove deprecated legacyAuth middleware").
8
-
9
- ## Suggested sections (use only when complexity warrants)
10
-
11
- - **Background** — why this task exists, with code snippets if relevant
12
- - **Scope** — what's included and excluded, quantify when possible
13
-
14
- For simple tasks, skip sections and use flat bullets for scope and next step.
15
-
16
- ## Attribution
17
-
18
- - Mention who raised the task when clear from the originating conversation.
19
- - Attach screenshots from the thread as image links when present.
20
-
21
- ## Delegated action footer
22
-
23
- When creating a new issue on behalf of a user, append a final line:
24
-
25
- `Action taken on behalf of <name>.`
26
-
27
- ## Constraints
28
-
29
- - Title hard max: 60 characters (target 40-60).
30
- - Summary max 3 sentences.
31
- - Remove empty sections. Prefer flat bullets for simple tasks.
32
- - Do not add desired outcome unless the thread explicitly states one.
33
- - Do not include acceptance criteria unless explicitly requested.
34
- - Use terse, specific language — no filler, no restating the title in the body.
35
- - Keep the delegated action footer as the last line in the body when applicable.
package/skills/github/references/issue-type-bug.md DELETED
@@ -1,30 +0,0 @@
1
- # Bug Issue Rules
2
-
3
- Use this file only when issue type is `bug`.
4
-
5
- ## Primary Goal
6
-
7
- Produce a high-signal bug issue that drives root-cause discovery, not premature solutioning.
8
-
9
- ## Research Guidance
10
-
11
- Use these steps to investigate — they inform what goes into the issue, but do not dictate issue structure. The issue should be terse; research justifies what's included.
12
-
13
- 1. Capture concrete evidence: reproducible steps or explicit non-repro statement, exact error or symptom, impacted surface and scope.
14
- 2. Build a timeline with exact dates when known.
15
- 3. Separate verified facts from unknowns — label each explicitly.
16
- 4. Form root-cause hypotheses linked to evidence, with confidence (`high`, `medium`, `low`).
17
-
18
- Include fix suggestions only when the thread discusses fixes. Do not present a fix as certain without explicit evidence.
19
-
20
- ## Context Generalization
21
-
22
- When deriving bug content from conversation, generalize to the technical problem.
23
-
24
- Before (session-specific):
25
-
26
- > @alice ran `/github create` in #ops-alerts and saw "token refresh failed" when the OAuth token expired mid-thread
27
-
28
- After (generalized):
29
-
30
- > OAuth token refresh fails during long-running operations, producing "token refresh failed" errors
package/skills/github/references/issue-type-feature.md DELETED
@@ -1,27 +0,0 @@
1
- # Feature Issue Rules
2
-
3
- Use this file only when issue type is `feature`.
4
-
5
- ## Primary Goal
6
-
7
- Propose an intentional improvement with clear current-state analysis and practical options.
8
-
9
- ## Research Guidance
10
-
11
- Use these steps to investigate — they inform what goes into the issue, but do not dictate issue structure.
12
-
13
- 1. Analyze current behavior and why it's insufficient.
14
- 2. Gather prior art when available — include links and what each proves. If none found, omit rather than stating "none found."
15
- 3. Frame options with tradeoffs when the thread discusses alternatives.
16
-
17
- ## Context Generalization
18
-
19
- When deriving feature content from conversation, generalize to the capability gap.
20
-
21
- Before (session-specific):
22
-
23
- > @carol mentioned in the standup thread that she has to manually restart the worker every time the config changes
24
-
25
- After (generalized):
26
-
27
- > Workers do not pick up config changes without a restart, requiring manual intervention
package/skills/github/references/issue-type-task.md DELETED
@@ -1,25 +0,0 @@
1
- # Task Issue Rules
2
-
3
- Use this file only when issue type is `task`.
4
-
5
- ## Primary Goal
6
-
7
- Create a concise execution ticket for maintenance, cleanup, docs, refactors, or operational chores.
8
-
9
- ## Research Guidance
10
-
11
- - Minimal research by default. Prefer first-party repository context when available.
12
- - Include implementation steps only when the thread discusses approach. Otherwise, state the goal and scope.
13
- - Include dependencies or risks only when material.
14
-
15
- ## Context Generalization
16
-
17
- When deriving task content from conversation, generalize to the goal and scope.
18
-
19
- Before (session-specific):
20
-
21
- > @bob asked in #eng-chat to clean up the unused `legacyAuth` middleware that he noticed while reviewing PR #312
22
-
23
- After (generalized):
24
-
25
- > Remove unused `legacyAuth` middleware to reduce maintenance surface
package/skills/github/references/sandbox-runtime.md DELETED
@@ -1,17 +0,0 @@
1
- # Sandbox Runtime Guidance
2
-
3
- This skill runs in the harness sandbox (`node22`) and commands execute via the `bash` tool.
4
-
5
- ## What is currently available
6
-
7
- - Node runtime in sandbox (`node22` image).
8
- - Writable workspace under `/vercel/sandbox`.
9
- - Outbound network access (default allow-all unless harness sets a network policy).
10
- - Skill files are synchronized into `/vercel/sandbox/skills/<skill-name>`.
11
-
12
- ## Credential strategy
13
-
14
- 1. After the GitHub skill is loaded, the runtime injects GitHub credentials implicitly for the current turn.
15
- 2. Keep repository context explicit on `gh` and `git` commands so the command itself targets the correct repo.
16
- 3. Credentials are valid only for the current turn. Do not persist tokens in files.
17
- 4. If auth fails, verify the command still targets the correct repo, then retry the real GitHub command once so the runtime can reconnect automatically when needed.