Execute qualquer Skill no Manus
com um clique

Execute qualquer Skill no Manus com um clique

$pwd:

nix-github-rate-limit

Name: Nix Github Rate Limit
Author: ryoppippi

// Prevents and handles GitHub API rate limits during Nix commands. Use when running nix flake, nix run, nix build, nix shell, or comma against GitHub-backed inputs.

Executar no Manus

$ git log --oneline --stat

stars:241

forks:5

updated:19 de maio de 2026 às 00:40

SKILL.md

readonly

name	nix-github-rate-limit
description	Prevents and handles GitHub API rate limits during Nix commands. Use when running nix flake, nix run, nix build, nix shell, or comma against GitHub-backed inputs.

Nix GitHub Rate Limit

Use this skill before running Nix commands that may fetch GitHub-backed flakes or packages, especially nix flake update, nix run github:..., nix run nixpkgs#..., nix build, nix shell, and comma.

Default Approach

Prefer ephemeral token injection from GitHub CLI. Do not write GitHub tokens to nix.conf, repository files, skill files, shell config, or command arguments.

Use command substitution inside NIX_CONFIG for a single command when gh is already authenticated. Shell history records the literal command substitution, not the expanded token:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix flake update

If ghtkn is configured and a short-lived GitHub App user token is preferred:

env NIX_CONFIG="access-tokens = github.com=$(ghtkn get)" nix flake update

If GITHUB_TOKEN is already present in the environment, bridge it into Nix's documented access-tokens setting without exposing the token value in the command text:

env NIX_CONFIG="access-tokens = github.com=$GITHUB_TOKEN" nix flake update

Do not create GITHUB_TOKEN by pasting a raw token into the terminal or an agent tool call.

For this dotfiles repo:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#build
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#switch
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#update

For missing tool execution:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run nixpkgs#<package> -- <args>
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix shell nixpkgs#<package> --command <command>

Workflow

If the command is a Nix command that may touch GitHub, check whether gh is available and authenticated:
```
command -q gh; and gh auth status
```
If GITHUB_TOKEN is already set, run the Nix command with NIX_CONFIG="access-tokens = github.com=$GITHUB_TOKEN".
If gh is authenticated, run the Nix command with NIX_CONFIG="access-tokens = github.com=$(gh auth token)".
If ghtkn is configured and the user prefers short-lived GitHub App tokens, use NIX_CONFIG="access-tokens = github.com=$(ghtkn get)".
If no safe token source is available, run the command normally unless the user explicitly wants to authenticate first.
If a GitHub API rate limit error appears, retry once with the safest available NIX_CONFIG wrapper.

History Safety

Follow the global command privacy rule: command text, shell history, process lists, terminal output, tool invocation logs, and coding-agent transcripts must not contain raw tokens.
Prefer inline command substitution such as $(gh auth token) or $(ghtkn get) inside the command the user runs.
It is also acceptable to reference an existing environment variable by name, such as $GITHUB_TOKEN; do not assign the raw value in the command.
Do not paste a raw token into the terminal, even temporarily.
Do not run commands like env NIX_CONFIG="access-tokens = github.com=ghp_..." ....
Do not place raw tokens in agent tool calls, command logs, or explanatory messages.
Do not store a token in fish universal variables, exported shell variables, direnv files, or shell history cleanup scripts.
If a raw token was accidentally pasted, tell the user to rotate or revoke it. Deleting shell history is not enough.

Avoid

Do not use --access-tokens "github.com=$(gh auth token)" because command arguments can be exposed via process listings.
Do not store PATs in ~/.config/nix/nix.conf, /etc/nix/nix.conf, repository files, or dotfiles by default.
Do not suggest broad PAT scopes. Public GitHub fetches should not need additional repository permissions.
Do not print tokens, echo tokens, or include them in logs, summaries, commits, PR descriptions, or issue comments.

Notes

Unauthenticated GitHub REST API requests are rate limited much more aggressively than authenticated requests.
NIX_CONFIG keeps the token out of the command arguments, but environment variables can still be visible to sufficiently privileged local processes. Prefer it only for short-lived commands.
If GITHUB_TOKEN is already provided by CI or a controlled environment, Nix may use it, but do not create or persist it just for local interactive use.

related-skills.json

mesmo repositório

tdd.md

from "ryoppippi/dotfiles"

Guides t-wada Red-Green-Refactor TDD. Use when implementing features, fixing bugs, or refactoring logic with strict test-first development.

2026-05-19241

missing-tools.md

from "ryoppippi/dotfiles"

Resolves missing CLI tools. Use when a command is unavailable, a shell reports command not found, or a tool must be run without installing it globally.

2026-05-19241

ask-codex.md

from "ryoppippi/dotfiles"

Consults Codex CLI for a second opinion on implementation plans, code reviews, or problem-solving. Use when an independent perspective from a different agent is needed before a significant decision.

2026-05-17241

commit.md

from "ryoppippi/dotfiles"

Creates atomic Conventional Commits. Use when committing code changes, splitting hunks into revertable units, or writing detailed commit messages.

2026-05-17241

council.md

from "ryoppippi/dotfiles"

Spawns parallel task agents to explore a codebase area. Use when researching unfamiliar code, auditing a subsystem, or gathering diverse perspectives before a design decision.

2026-05-17241

create-pr.md

from "ryoppippi/dotfiles"

Runs the full PR workflow — creates a feature branch, commits, pushes, and opens the pull request. Use when the user asks to create or open a PR ("create a PR", "push this up and open a PR").

2026-05-17241

package.json

"author": "ryoppippi"

"repository": "ryoppippi/dotfiles"

Abrir repositório GitHub Ver repositórios do creator

$ install --global

$ download --local

Executar no Manus

$ useful --forSOC

Administradores de redes e sistemas de computadorInformática e Matemática15-1244L4

name	nix-github-rate-limit
description	Prevents and handles GitHub API rate limits during Nix commands. Use when running nix flake, nix run, nix build, nix shell, or comma against GitHub-backed inputs.

Nix GitHub Rate Limit

Default Approach

Prefer ephemeral token injection from GitHub CLI. Do not write GitHub tokens to nix.conf, repository files, skill files, shell config, or command arguments.

Use command substitution inside NIX_CONFIG for a single command when gh is already authenticated. Shell history records the literal command substitution, not the expanded token:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix flake update

If ghtkn is configured and a short-lived GitHub App user token is preferred:

env NIX_CONFIG="access-tokens = github.com=$(ghtkn get)" nix flake update

If GITHUB_TOKEN is already present in the environment, bridge it into Nix's documented access-tokens setting without exposing the token value in the command text:

env NIX_CONFIG="access-tokens = github.com=$GITHUB_TOKEN" nix flake update

Do not create GITHUB_TOKEN by pasting a raw token into the terminal or an agent tool call.

For this dotfiles repo:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#build
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#switch
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run .#update

For missing tool execution:

env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix run nixpkgs#<package> -- <args>
env NIX_CONFIG="access-tokens = github.com=$(gh auth token)" nix shell nixpkgs#<package> --command <command>

Workflow

If the command is a Nix command that may touch GitHub, check whether gh is available and authenticated:
```
command -q gh; and gh auth status
```
If GITHUB_TOKEN is already set, run the Nix command with NIX_CONFIG="access-tokens = github.com=$GITHUB_TOKEN".
If gh is authenticated, run the Nix command with NIX_CONFIG="access-tokens = github.com=$(gh auth token)".
If ghtkn is configured and the user prefers short-lived GitHub App tokens, use NIX_CONFIG="access-tokens = github.com=$(ghtkn get)".
If no safe token source is available, run the command normally unless the user explicitly wants to authenticate first.
If a GitHub API rate limit error appears, retry once with the safest available NIX_CONFIG wrapper.

History Safety

Follow the global command privacy rule: command text, shell history, process lists, terminal output, tool invocation logs, and coding-agent transcripts must not contain raw tokens.
Prefer inline command substitution such as $(gh auth token) or $(ghtkn get) inside the command the user runs.
It is also acceptable to reference an existing environment variable by name, such as $GITHUB_TOKEN; do not assign the raw value in the command.
Do not paste a raw token into the terminal, even temporarily.
Do not run commands like env NIX_CONFIG="access-tokens = github.com=ghp_..." ....
Do not place raw tokens in agent tool calls, command logs, or explanatory messages.
Do not store a token in fish universal variables, exported shell variables, direnv files, or shell history cleanup scripts.
If a raw token was accidentally pasted, tell the user to rotate or revoke it. Deleting shell history is not enough.

Avoid

Do not use --access-tokens "github.com=$(gh auth token)" because command arguments can be exposed via process listings.
Do not store PATs in ~/.config/nix/nix.conf, /etc/nix/nix.conf, repository files, or dotfiles by default.
Do not suggest broad PAT scopes. Public GitHub fetches should not need additional repository permissions.
Do not print tokens, echo tokens, or include them in logs, summaries, commits, PR descriptions, or issue comments.

Notes

Unauthenticated GitHub REST API requests are rate limited much more aggressively than authenticated requests.
NIX_CONFIG keeps the token out of the command arguments, but environment variables can still be visible to sufficiently privileged local processes. Prefer it only for short-lived commands.
If GITHUB_TOKEN is already provided by CI or a controlled environment, Nix may use it, but do not create or persist it just for local interactive use.

nix-github-rate-limit

Nix GitHub Rate Limit

Default Approach

Workflow

History Safety

Avoid

Notes

Mais deste repositório

Mais deste repositório

Nix GitHub Rate Limit

Default Approach

Workflow

History Safety

Avoid

Notes