All skills

Release Readiness

GH Ready

Prepare repositories for professional GitHub publication, open-source release, NPM/package distribution, client delivery, hiring showcase, product launch, or handoff. Use when Codex needs to make a repository trustworthy, SEO/AEO/GEO discoverable, package-ready, release-ready, badge-ready, security-ready, AI-agent-ready, and human-maintained through README quality, GitHub metadata, topics, social preview guidance, package metadata, docs, examples, interactive demo/docs pages, community health files, issue and pull request templates, CI, tests, linting, CodeQL/code scanning, Dependabot, secret hygiene, branch protection guidance, CODEOWNERS, changelogs, GitHub Releases, npm provenance, and CLI-driven GitHub readiness.

What this skill adds

Make a repository look and behave like a serious public project: discoverable, runnable, secure, releasable, and maintained.

Required Reference

  • Read references/gh-ready.md before substantial repo, package, release, SEO, or automation work. For a tiny README-only cleanup, use the quick protocol first and load the reference if scope expands.
  • Optional resources:
  • Run scripts/audit-gh-ready.cjs <repo> for a read-only readiness score and gap report.
  • Use assets/templates/ for concise community-file, README-section, issue, PR, release-note, and env-example starters.

Quick Protocol

  • Inspect with tools before editing:
  • - git status --short
  • - repo tree, README, license, docs, examples, package manifests, tests, CI, .github/, changelog, releases, and agent guidance
  • - gh repo view --json name,description,homepageUrl,isPrivate,repositoryTopics,defaultBranchRef when gh is available
  • - npm view <package> --json and npm pack --dry-run for npm packages
  • Identify the audience: open source users, package consumers, recruiters, enterprise buyers, internal handoff, or product-launch visitors.

Live GitHub Safety

  • Use GitHub CLI/API to inspect freely. Before changing live GitHub settings, show the exact command and wait for explicit approval. This applies to:
  • repository description, homepage, topics, and social preview
  • branch protection, rulesets, merge settings, and required checks
  • security features, secret scanning, Dependabot alerts, and code scanning
  • GitHub Releases, tags, package publishing, and repository secrets
  • Never commit tokens. Prefer npm trusted publishing and GitHub OIDC over long-lived npm automation tokens.

Repo Upgrade Principles

  • Treat the README as the repository's product page.
  • For UI, CLI, package, agent, docs, or tool repositories, create or improve browsable docs/demo pages when they help visitors understand the project faster; then link those pages from README.
  • GitHub README files are mostly Markdown, not application surfaces. Do not fake JavaScript interactivity inside README; use badges, images, links, collapsible details, tables, and hosted pages for real interaction.
  • Trust is operational: install commands work, CI proves them, releases are explainable, and security reporting is obvious.
  • Badges are promises. Add only live, accurate badges that match real automation or published artifacts.
  • SEO/AEO/GEO readiness means a human, search engine, and AI answer engine can quickly understand what the repo is, who it is for, how to use it, and why it is credible.

Default agent prompt

Use $gh-ready to make this repository professional, SEO-friendly, package-ready, release-ready, and trustworthy for GitHub publication.