farhoodlabs/skills
8
0
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: support GITHUB_APP_PEM inline env var in github-app-token skill

Browse Source 
Allow agents to provide the PEM key directly via GITHUB_APP_PEM env var
instead of requiring a file path via GITHUB_APP_PEM_FILE. The inline PEM
is written to a secure temp file (chmod 600) and cleaned up on exit.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Goose
2026-04-16 12:25:32 +00:00
parent 569c77b1a9
commit 97f4cd7d9b
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
github-app-token/SKILL.md
+4 -1
View File
@@ -13,7 +13,10 @@ Generate a short-lived GitHub App installation token and authenticate `gh`.
|---|---|
| `GITHUB_APP_ID` | Numeric App ID from GitHub App settings |
| `GITHUB_APP_INSTALLATION_ID` | Numeric Installation ID for the target org/user |
| `GITHUB_APP_PEM_FILE` | Absolute path to the App's PEM private key file |
| `GITHUB_APP_PEM_FILE` | Absolute path to the App's PEM private key file *(one of `GITHUB_APP_PEM` or `GITHUB_APP_PEM_FILE` required)* |
| `GITHUB_APP_PEM` | Raw PEM private key content as an env var *(one of `GITHUB_APP_PEM` or `GITHUB_APP_PEM_FILE` required)* |
`GITHUB_APP_PEM` takes precedence over `GITHUB_APP_PEM_FILE` when both are set. Using `GITHUB_APP_PEM` avoids the need to write the key to disk ahead of time — it is written to a temp file with `chmod 600` and deleted after token generation.
## Usage