ci: add gitleaks secret scan, PR-title lint, and agent install docs#26
Merged
Conversation
Bring elnora-plugins to CI/security/docs parity with the other public Elnora repos: - .github/workflows/gitleaks.yml + .gitleaks.toml — full-history secret scan using the open-source gitleaks binary (no org license required), on push/PR to main. Local full-history scan is clean. - .github/workflows/pr-title.yml — Conventional Commit lint on PR titles. - AGENTS.md — usage conventions for non-Claude agent harnesses: MCP endpoint, elnora_* tool dispatch table, pitfalls, per-harness install. - INSTALL_FOR_AGENTS.md — gated setup runbook (verify → auth → skills → smoke test) with Chrome DevTools MCP browser-assist offers for the OAuth and API-key browser steps. - README.md — link both agent docs. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01EgHf9qf7dcDzguCkqGRJzz
| name: Conventional Commit | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: amannn/action-semantic-pull-request@v6 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Brings
elnora-pluginsto CI / security / docs parity with the other public Elnora repos.What's added
.github/workflows/gitleaks.yml+.gitleaks.toml— full-history secret scan on push/PR tomain, using the open-source gitleaks binary directly (no org license required, unlikegitleaks-action). The config extends the default ruleset; this repo ships client-side config + skills only, so there is nothing to allow-list. A local full-history scan (52 commits) is clean..github/workflows/pr-title.yml— Conventional Commit lint on PR titles (feat,fix,chore,docs,ci,refactor,perf,test,revert,build). Usespull_request_targetwithout checking out PR code, so it is safe against fork PRs (see the header comment).AGENTS.md— usage conventions for non-Claude agent harnesses (Codex, Cursor, Aider, Continue, Amp, Jules, Roo): the MCP endpoint, theelnora_*tool names, and a dispatch table mapping user intent to the right skill. Distinct fromCLAUDE.md, which stays the marketplace-maintainer guide.INSTALL_FOR_AGENTS.md— a gated setup runbook (verify → authenticate → copy skills → smoke test) with browser-assist offers via the Chrome DevTools MCP server for the OAuth and API-key-creation browser steps.README.md— links both agent docs.Everything is verified against the repo's actual README, skills, and manifests. All additions are additive (no existing files changed except the two README links).
🤖 Generated with Claude Code