* fix(ci): pin floating GitHub Actions tags and ascii-guard to explicit versions
Actions pinned to @main pull whatever is at that ref at execution time,
so a compromised upstream org could execute arbitrary code in CI.
- Pin DeterminateSystems/nix-installer-action to commit SHA (v22)
- Pin DeterminateSystems/magic-nix-cache-action to commit SHA (v13)
- Pin ascii-guard to 2.3.0 in docs-site-checks workflow
SHA comments include the version tag for human readability; Renovate or
Dependabot can keep these updated automatically.
* Add skill metadata extraction step in workflow
Add step to extract skill metadata for dashboard in CI workflow.
---------
Co-authored-by: Siddharth Balyan <52913345+alt-glitch@users.noreply.github.com>
dbc11abcb6