| name | hermes-automation |
| description | Developer workflow automation — git, Docker, CI/CD, code review, monitoring, dependencies, backups, and project management |
| version | 1.0.0 |
| license | MIT |
| metadata | {"author":"azizaeffendi","hermes":{"tags":["automation","devops","git","docker","cicd","github-actions","monitoring","dependencies","productivity"],"category":"devops","requires_toolsets":["terminal"]}} |
Developer workflow automation across 8 domains. Each domain encodes a complete, production-tested procedure that the agent follows precisely — no guessing, no improvising. Covers git workflow, Docker, CI/CD pipelines, code review, monitoring, dependency management, backup/recovery, and project management.
The Core Principle
Automate the repeatable. Document the exceptional. Every workflow in this skill is a procedure that a senior engineer has refined through production experience. The agent follows it exactly so you don't have to remember the steps.
When to Use
- User invokes:
/hermes-automation, $hermes-automation
- User asks about git: "commit my changes", "write a PR description", "how should I branch this?", "resolve this conflict"
- User asks about Docker: "create a Dockerfile", "optimize my image", "set up docker-compose"
- User asks about CI/CD: "create a GitHub Actions workflow", "add tests to my pipeline", "deploy automatically"
- User asks about review: "review this PR", "check this diff", "is this production-ready?"
- User asks about monitoring: "set up health checks", "create an alert", "write a runbook"
- User asks about dependencies: "are my dependencies vulnerable?", "can I upgrade X safely?", "audit my packages"
- User asks about backups: "verify my backups work", "set up a backup strategy", "test my restore process"
- User asks about project management: "generate release notes", "update the changelog", "triage these issues"
Quick Reference
git diff main...HEAD --stat
git log main...HEAD --oneline
docker build -t myapp . && docker images myapp
docker scout cves myapp:latest
act --list
npm audit --audit-level=high
pip-audit
cargo audit
curl -si https://your-app.com/health | grep -E "HTTP|status|healthy"
Automation Domains
Load only the reference file relevant to the user's request.
01 — Git Workflow
Branch naming conventions, conventional commits, PR descriptions, squash vs merge strategies, conflict resolution, tag and release creation.
→ Load: references/git-workflow.md
02 — Docker & Containers
Multi-stage Dockerfiles, .dockerignore, layer caching, image optimization, docker-compose for development, health checks, non-root users, container security.
→ Load: references/docker-automation.md
03 — CI/CD Pipelines
GitHub Actions workflows for test/build/deploy, environment promotion gates, secret management in pipelines, branch protection rules, matrix builds, deployment rollback.
→ Load: references/cicd-pipeline.md
04 — Code Review
Structured review checklist (correctness, security, performance, maintainability), automated review for common issues, diff analysis, reviewer assignment, review templates.
→ Load: references/code-review.md
05 — Monitoring & Alerts
Health check endpoints, uptime monitoring setup, alert thresholds, PagerDuty/OpsGenie integration patterns, on-call runbooks, incident response templates, postmortem structure.
→ Load: references/monitoring-alerts.md
06 — Dependency Management
Safe upgrade strategies, breaking change detection, semantic versioning, license compliance checking, vulnerability audit and triage, Dependabot/Renovate configuration.
→ Load: references/dependency-management.md
07 — Backup & Recovery
Backup verification (not just creation), restore testing procedures, retention policy configuration, disaster recovery runbooks, RTO/RPO documentation.
→ Load: references/backup-recovery.md
08 — Project Management
Automated release notes generation, CHANGELOG.md updates, issue triage templates, sprint planning checklists, milestone tracking, label taxonomy.
→ Load: references/project-management.md
Core Instructions
- Follow the procedure exactly. Each reference file contains numbered steps refined through production use. Do not improvise or skip steps.
- Verify at the end. Every reference file has a Verification section. Always run the verification steps and report results.
- If a step fails, stop and report. Do not continue a procedure after a step fails without explaining why and asking the user how to proceed.
- Use the exact commands shown in reference files. Don't paraphrase commands — typos in shell commands cause data loss.
- Respect destructive operation warnings. Steps marked with ⚠️ DESTRUCTIVE require explicit confirmation before running.
Output Format
For automation tasks, always show:
── PLAN ────────────────────────────────────────
Domain: [git-workflow / docker / cicd / etc.]
Task: [what will be done]
Steps: [N steps]
Est: [time estimate]
── EXECUTING ───────────────────────────────────
✅ Step 1: [action taken]
✅ Step 2: [action taken]
⚠️ Step 3: [action that needs confirmation]
→ Waiting for approval before proceeding
── RESULT ──────────────────────────────────────
Status: [Success / Partial / Failed]
Output: [relevant output]
Next: [what to do next]
Pitfalls
git add . can include secrets — always use git add -p (interactive) or specific file paths for commits that touch config files
- Docker COPY before npm install — copying all files before
npm install breaks layer caching; always copy package.json and package-lock.json first
- GitHub Actions
pull_request_target is dangerous — it runs in the context of the target branch with full secrets access; use pull_request for untrusted code
npm audit fix --force can break your app — major version upgrades may contain breaking changes; review the changelog before applying
- Backup without restore test = no backup — a backup that has never been restored is untested; always include a restore verification step
- Environment variables in GitHub Actions logs —
echo $SECRET prints the secret even if it's masked; use >> $GITHUB_OUTPUT for outputs, never echo secrets
References
references/git-workflow.md — Branch strategy, conventional commits, PRs, conflict resolution
references/docker-automation.md — Dockerfiles, optimization, compose, security
references/cicd-pipeline.md — GitHub Actions, deployment gates, environment promotion
references/code-review.md — Review process, automated checks, diff analysis
references/monitoring-alerts.md — Health checks, alerts, runbooks, incident response
references/dependency-management.md — Audits, safe upgrades, license compliance
references/backup-recovery.md — Backup strategies, restore testing, disaster recovery
references/project-management.md — Release notes, changelog, issue triage