by github
GitHub Agentic Workflows
# Add to your Claude Code skills
git clone https://github.com/github/gh-awWrite agentic workflows in natural language markdown, and run them in GitHub Actions.
[!NOTE] The Team and the Agents are in Spring Break. Expect delays.
Ready to get your first agentic workflow running? Follow our step-by-step Quick Start Guide to install the extension, add a sample workflow, and see it in action.
Learn about the concepts behind agentic workflows, explore available workflow types, and understand how AI can automate your repository tasks. See How It Works.
Guardrails, safety and security are foundational to GitHub Agentic Workflows. Workflows run with read-only permissions by default, with write operations only allowed through sanitized safe-outputs. The system implements multiple layers of protection including sandboxed execution, input sanitization, network isolation, supply chain security (SHA-pinned dependencies), tool allow-listing, and compile-time validation. Access can be gated to team members only, with human approval gates for critical operations, ensuring AI agents operate safely within controlled boundaries. See the for comprehensive details on threat modeling, implementation guidelines, and best practices.
No comments yet. Be the first to share your thoughts!
Using agentic workflows in your repository requires careful attention to security considerations and careful human supervision, and even then things can still go wrong. Use it with caution, and at your own risk.
For complete documentation, examples, and guides, see the Documentation. If you are an agent, download the llms.txt.
For development setup and contribution guidelines, see CONTRIBUTING.md.
network: { allowed: [] } still allows infrastructure domains — same behavior as network: {} (direct issue)