agenticlately · GH-600 Study Prep
Home Phase B Lesson B0.1
PHASE B · LESSON B0.1

APIs + workflows = the agent's hands

Welcome to Domain 2 — the biggest slice of the exam (20–25%). Before we hand the agent fancy tools, answer the plain question: how does it touch the repo at all? With GitHub's own APIs and workflows — the same doors a human developer uses. Get this, and every later lesson clicks into place.

~8 minread 4quiz questions Tier 1source cited
Story

A tradesperson shows up at a building site. Before they pick up a single power tool, ask the simpler question: how do they touch the building at all?

With their hands, and the site's standard equipment — the door, the freight elevator, the loading dock, the work-order clipboard. They don't teleport through walls. They don't cut a secret back entrance. They use the same doors every other worker uses, and the site rules — who's allowed on which floor — apply to them exactly the same.

An AI agent on GitHub is that worker, and its hands are GitHub's APIs and workflows. Before the fancy tools (the rest of Domain 2), see the plain truth: an agent never reaches outside GitHub. It opens the same doors a human developer opens — branches, commits, pull requests — through the same machinery. That's the foundation the whole domain stands on.

The idea, in plain English

Three words first, because the exam leans on them:

The core claim of this lesson

An agent acts on a repo through three layers — APIs, Actions workflows, and agentic workflows — and all three are the same mechanisms humans already use. The agent gets no special back door: the same permissions and the same audit trail apply automatically.

The three layers (the agent's "hands")

LayerWhat it isIts job
GitHub APIsthe direct reachread repo state + perform actions: create branches/commits, read files, open/update PRs, trigger workflows. The hand that grabs.
Actions workflowsthe execution layerrun the agent's steps inside a controlled runner — a sandboxed computer with a scoped token. The bounded, logged workbench.
Agentic workflowsthe orchestration layerdescribe agent behavior that runs over time, reacting to repo events. GitHub calls this "Continuous AI" — it extends CI/CD, doesn't replace it.
The punchline

All of this runs through the platform's own structures — they apply the same permissions, give the agent a place to run, and route its changes through pull requests. Translation: the same guardrails that govern humans govern the agent automatically — because it's using the same doors. Big for GH-600.

How the hands actually move — the five-step change

When an agent changes code it does nothing exotic. It follows the exact sequence a human follows, and each step is a specific API call:

#What happensWhich API area
1Pick a base branch (e.g. main)Git references
2Create a working branchGit references
3Modify / create filesRepository contents
4Commit the changesRepository contents
5Open a pull requestPull requests

Same five moves you learned for humans in Phase 0 (branches → commits → PRs). The agent just makes them as API calls instead of clicks.

Three ways a workflow gets kicked off (its trigger types — memorize these):

Worked example — the agent's hands, made literal

A minimal Actions workflow that uses the GitHub CLI (gh) to open an issue — exactly the kind of "hand" an agent uses. Every line annotated:

# .github/workflows/file-a-bug.yml   ← workflows MUST live here, .yml/.yaml
name: File a bug                      # label shown in the Actions tab (optional)
on:                                   # WHAT triggers this run …
  workflow_dispatch:                  #   … a human pressing "Run" (manual trigger)
permissions:                          # what the run's token is ALLOWED to do …
  issues: write                       #   … least-privilege: only write issues, nothing else
jobs:
  open-issue:
    runs-on: ubuntu-latest            # the throwaway runner (the workbench)
    steps:
      - uses: actions/checkout@v4     # step 1: download the repo onto the runner
      - run: gh issue create --title "Found a bug" --body "details…"
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}   # the scoped token = permission to act

Read it as a sentence: "When a human presses Run, spin up a runner, check out the repo, and — using a token that can only write issues — create an issue." That GITHUB_TOKEN is the load-bearing idea: the hands can only do what the token permits. No token power → no action. (We go deep on tool permissions in 2.2.)

And the addresses those hands dial into come from the github context: github.api_urlhttps://api.github.com (REST), github.graphql_urlhttps://api.github.com/graphql.

Traditional vs agentic — one-look contrast

A traditional Actions workflow is deterministic: you write every step, trigger, and condition in YAML; it does exactly that, every time. An agentic workflow hands some of the decision-making to the agent at run time — it analyzes and plans rather than following a fixed script. Same engine (Actions, runners, tokens), different driver. Either way it's still GitHub's machinery — still permissioned, still logged.

The cert-language version

GitHub supports agents through three layers: APIs (read state + act), Actions workflows (execute in a controlled runner), and agentic workflows ("Continuous AI" — orchestrate over time, extending CI/CD). Agents use the same mechanisms developers use — branches, commits, pull requests — and act through structures that enforce permissions and remain auditable. They do not operate outside the platform.

Our summary · grounded in MS Learn — Agent tooling, MCP, and execution environments + GitHub Docs (Actions workflow syntax, contexts) · fetched 2026-05-31

Common confusions (read these or get them wrong on the exam)

Ticks this lesson done on the home roadmap. Saved in this browser.

Quiz · Lock it in

0 / 0 answered
Q1 · multiple choice

An exam option says: "An AI agent edits a repo through a private channel that skips GitHub's permission checks." Is it right?

Answer · C. Agents don't operate outside GitHub. They interact through APIs, workflows, and repo structures that enforce permissions and stay auditable — the same doors a human uses. D is wrong too: agents very much make changes (branches, commits, PRs).
Q2 · multiple choice

Which correctly pairs one of the three layers with its job?

Answer · B. APIs = the direct reach. Actions workflows = execution in a controlled runner (they don't replace CI/CD). Agentic workflows = orchestration over time ("Continuous AI"), which extends CI/CD. A and D swap the layers' jobs.
Q3 · multiple choice

A workflow file has on: workflow_dispatch. How does it get triggered?

Answer · D. workflow_dispatch is the manual trigger. Automatic triggers are repo events like push and pull_request; a third way is programmatic (another program calls the API).
Q4 · explain back

In your own words: name the three layers an agent uses to act on GitHub, and list the five steps it takes to propose a code change — saying what (if anything) is different from a human doing it.

Suggested answer

Three layers: APIs (read state + perform actions), Actions workflows (execute steps in a controlled runner), and agentic workflows / "Continuous AI" (orchestrate behavior over time, extending CI/CD). Five steps: pick a base branch → create a working branch → edit files → commit → open a pull request. What's different: nothing in the steps — the agent just performs each as an API call instead of a click, hitting a different API area per step (git refs, contents, pull requests), and stays bound by the same permissions and audit trail.


  


  
  

  

    Source · MS Learn — Agent tooling, MCP, and execution environments + GitHub Docs (Actions workflow syntax, contexts) · fetched 2026-05-31
  


  
Unofficial study material. Not affiliated with, endorsed by, or sponsored by GitHub or Microsoft. “GH-600” and “GitHub” are trademarks of their respective owners, used for identification only.