Pr Workflow
Give your coding agent consistent rules for atomic commits, small PRs, CI behavior in GitHub Actions, and safe dependency additions when you ship Turso-style repos.
Overview
pr-workflow is an agent skill most often used in Ship (also Build and Operate) that standardizes atomic commits, small PRs, CI WIP patterns, secret avoidance, and dependency licensing for solo builders shipping with git
Install
npx skills add https://github.com/tursodatabase/turso --skill pr-workflowWhat is this skill?
- Enforces atomic commits and discourages mixing logic with formatting or drive-by refactors
- PR discipline: keep changes small, run relevant tests, and let each commit advance the narrative
- GitHub Action CI notes: max-turns limits, WIP commits/pushes, and WIP PRs without rabbit-hole spirals
- Security gate: never commit .env files, credentials, or other secrets
- Third-party dependency flow: add license under licenses/ and update NOTICE.md; verify external APIs via official docs
- Two-step third-party dependency compliance: license file under licenses/ plus NOTICE.md update
- Explicit ban on committing .env files, credentials, and secrets
Adoption & trust: 697 installs on skills.sh; 19.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your agent mixes refactors with features, opens bloated PRs, or risks committing secrets and unlicensed dependencies because there is no shared PR and commit playbook.
Who is it for?
Solo builders or small teams on git + GitHub who want their agent to mirror disciplined commit/PR habits and Turso-style compliance checks every time they push or open a PR.
Skip if: Repos that do not use git/GitHub PRs, or teams that already enforce the same rules exclusively through hardened CI templates with no agent involvement.
When should I use this skill?
General guidelines for commits, formatting, CI, dependencies, and security whenever the agent commits, opens or extends PRs, or adds third-party packages.
What do I get? / Deliverables
Commits and PRs follow Turso-style focus, tests run before submit, CI stays task-scoped, secrets stay out of git, and new dependencies ship with licenses/ and NOTICE.md updates.
- Atomic, story-driven commit series
- Focused pull request with tests run beforehand
- Updated licenses/ and NOTICE.md when dependencies change
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Pull requests and commit hygiene are the canonical handoff from implementation to merge, so the primary shelf is Ship where review and submission happen. Review is where focused PRs, test-before-submit, and readable commit history matter most before code lands on main.
Where it fits
Split a large diff into atomic commits and a small PR that runs relevant tests before you request review.
Block an agent from staging .env or credential files and redirect to safe local-only configuration.
Add a new npm or cargo dependency only after placing its license under licenses/ and updating NOTICE.md.
Use interactive rebase to clean up follow-up fix commits before merging a production hotfix PR.
How it compares
Use as a procedural git-and-PR skill package instead of re-explaining commit and PR rules in every chat thread.
Common Questions / FAQ
Who is pr-workflow for?
pr-workflow is for solo and indie developers using AI coding agents on repositories that follow git, pull requests, and often GitHub Actions—especially Turso-adjacent or similarly structured open-source projects.
When should I use pr-workflow?
Use it during Ship when opening or refining PRs and reviews; during Build while making commits and adding dependencies; and during Operate when iterating on fixes—you want atomic history, pre-submit tests, CI focus, and no secrets in diffs.
Is pr-workflow safe to install?
The skill is instructional text about safer git practices and explicitly forbids committing secrets; review the Security Audits panel on this Prism page and your org policy before relying on any third-party skill in automated CI.
SKILL.md
READMESKILL.md - Pr Workflow
# PR Workflow Guide ## Commit Practices - **Atomic commits.** Small, focused, single purpose - **Don't mix:** logic + formatting, logic + refactoring - **Good message** = easy to write short description of intent Learn `git rebase -i` for clean history. ## PR Guidelines - Keep PRs focused and small - Run relevant tests before submitting - Each commit tells part of the story ## CI Environment Notes If running as GitHub Action: - Max-turns limit in `.github/workflows/claude.yml` - OK to commit WIP state and push - OK to open WIP PR and continue in another action - Don't spiral into rabbit holes. Stay focused on key task ## Security Never commit: - `.env` files - Credentials - Secrets ## Third-Party Dependencies When adding: 1. Add license file under `licenses/` 2. Update `NOTICE.md` with dependency info ## External APIs/Tools - Never guess API params or CLI args - Search official docs first - Ask for clarification if ambiguous