@elizaos/skills 2.0.0-alpha.3

package/skills/security-culture-index/skills/interpreting-culture-index/workflows/plan-onboarding.md

@@ -0,0 +1,322 @@
+<required_reading>
+
+**Read these reference files before planning onboarding:**
+1. `references/primary-traits.md` - A, B, C, D trait details and communication styles
+2. `references/team-composition.md` - Gas/Brake/Glue and conflict pairs
+3. `references/patterns-archetypes.md` - Pattern identification
+
+</required_reading>
+
+<purpose>
+
+Plan effective onboarding for a new hire using their Culture Index profile and the team's profiles. This workflow identifies likely allies, potential friction points, and provides specific recommendations for the first 90 days.
+
+**Context:** This workflow is typically used after the new hire has signed their offer and completed the CI survey, but before their start date.
+
+</purpose>
+
+<process>
+
+**Step 1: Load New Hire Profile**
+
+```
+New Hire: [Name]
+Start Date: [Date]
+Role: [Title]
+Reports To: [Manager name]
+
+Profile:
+- Pattern: [Archetype]
+- A: [position relative to arrow]
+- B: [position relative to arrow]
+- C: [position relative to arrow]
+- D: [position relative to arrow]
+- L: [absolute value]
+- I: [absolute value]
+- EU Survey: [value]
+```
+
+**If comparing to predicted profile (from interview):**
+| Trait | Predicted | Actual | Delta |
+|-------|-----------|--------|-------|
+| A | [pred] | [actual] | [diff] |
+| B | [pred] | [actual] | [diff] |
+| C | [pred] | [actual] | [diff] |
+| D | [pred] | [actual] | [diff] |
+
+Note any significant differences for onboarding planning.
+
+**Step 2: Load Team Profiles**
+
+List immediate team members:
+
+| Name | Pattern | A | B | C | D | Role |
+|------|---------|---|---|---|---|------|
+| [Manager] | [pattern] | [pos] | [pos] | [pos] | [pos] | Manager |
+| [Peer 1] | [pattern] | [pos] | [pos] | [pos] | [pos] | [role] |
+| [Peer 2] | [pattern] | [pos] | [pos] | [pos] | [pos] | [role] |
+
+**Team Composition:**
+- Gas (High A): [count] people
+- Brake (High D): [count] people
+- Glue (High B): [count] people
+
+**Step 3: Identify Natural Allies**
+
+Find team members with compatible profiles:
+
+**High compatibility indicators:**
+- Similar pattern/archetype
+- Similar B position (social energy match)
+- Similar C position (pace match)
+- Complementary traits (their strength helps their gap)
+
+| Team Member | Compatibility | Reason |
+|-------------|---------------|--------|
+| [Name] | High | [trait similarity or complement] |
+| [Name] | Medium | [partial match] |
+
+**Recommended buddy/mentor:**
+- Primary: [Name] - [reason for pairing]
+- Secondary: [Name] - [reason for backup]
+
+**Step 4: Flag Potential Friction Points**
+
+Find team members with opposite profiles:
+
+| Team Member | Friction Risk | Source | Mitigation |
+|-------------|---------------|--------|------------|
+| [Name] | High | [opposite trait] | [suggestion] |
+| [Name] | Medium | [gap] | [suggestion] |
+
+**Common friction sources:**
+- High A vs Low A: Independence vs collaboration expectations
+- High B vs Low B: Social needs mismatch
+- High C vs Low C: Pace/urgency mismatch
+- High D vs Low D: Detail orientation mismatch
+
+**Step 5: Manager Compatibility Assessment**
+
+Compare new hire to their manager:
+
+| Trait | Manager | New Hire | Gap | Adjustment Needed |
+|-------|---------|----------|-----|-------------------|
+| A | [pos] | [pos] | [diff] | [manager adjustment] |
+| B | [pos] | [pos] | [diff] | [manager adjustment] |
+| C | [pos] | [pos] | [diff] | [manager adjustment] |
+| D | [pos] | [pos] | [diff] | [manager adjustment] |
+
+**Manager coaching points:**
+- [Specific adjustment for this new hire]
+- [Specific adjustment for this new hire]
+
+**Step 6: Design First 30 Days**
+
+Based on new hire's profile:
+
+**Week 1 - Orientation:**
+
+| If New Hire Is... | Orientation Approach |
+|-------------------|---------------------|
+| High A | Give autonomy early, avoid over-managing, focus on outcomes |
+| Low A | Provide clear direction, structured intro, defined expectations |
+| High B | Introduce to team quickly, social activities, relationships first |
+| Low B | Gradual introductions, 1:1 over group, respect alone time |
+| High C | Predictable schedule, one thing at a time, advance notice |
+| Low C | Variety early, multiple projects, don't over-structure |
+| High D | Documented processes, clear SOPs, training materials |
+| Low D | Big picture context, creative problems, flexibility |
+
+**Your Week 1 approach:**
+- [Specific recommendation based on their traits]
+- [Specific recommendation based on their traits]
+- [Specific recommendation based on their traits]
+
+**Weeks 2-4 - Integration:**
+
+| Priority | Action | Why (based on profile) |
+|----------|--------|------------------------|
+| 1 | [action] | [trait-based reason] |
+| 2 | [action] | [trait-based reason] |
+| 3 | [action] | [trait-based reason] |
+
+**Step 7: Design 30-60 Days**
+
+| Focus Area | Approach for This Profile |
+|------------|---------------------------|
+| Feedback style | [Based on A and D traits] |
+| Meeting cadence | [Based on B and C traits] |
+| Project type | [Based on I and pattern] |
+| Independence level | [Based on A trait] |
+| Check-in format | [Based on B and C traits] |
+
+**Milestones to target:**
+- Day 30: [milestone appropriate for their pattern]
+- Day 45: [milestone appropriate for their pattern]
+- Day 60: [milestone appropriate for their pattern]
+
+**Step 8: Design 60-90 Days**
+
+At this stage, focus on:
+
+| If New Hire Is... | 60-90 Day Focus |
+|-------------------|-----------------|
+| High A | Expand scope, give ownership of projects |
+| Low A | Establish regular collaboration patterns |
+| High B | Integrate into team social fabric, culture building |
+| Low B | Ensure solo time is protected, deep work established |
+| High C | Consistent routines established, predictable workflow |
+| Low C | Multiple concurrent projects, varied work |
+| High D | Mastery of key processes, becoming the expert |
+| Low D | Creative challenges, problem-solving opportunities |
+
+**Success indicators by Day 90:**
+- [ ] [Indicator appropriate for their pattern]
+- [ ] [Indicator appropriate for their pattern]
+- [ ] [Indicator appropriate for their pattern]
+
+**Step 9: Prepare Manager Briefing**
+
+Create a one-page briefing for the manager:
+
+```markdown
+## Onboarding Briefing: [New Hire Name]
+
+**Start Date:** [Date]
+**Pattern:** [Archetype]
+
+### Key Traits to Understand
+| Trait | Position | What It Means |
+|-------|----------|---------------|
+| [Leading trait] | [High/Low] | [one-line implication] |
+| [Second trait] | [High/Low] | [one-line implication] |
+
+### Communication Style
+- **Prefer:** [based on traits]
+- **Avoid:** [based on traits]
+- **Feedback:** [how to deliver based on A/D]
+
+### What Motivates Them
+1. [Motivator based on profile]
+2. [Motivator based on profile]
+
+### Potential Friction Areas
+- With [team member]: [friction source and mitigation]
+
+### Recommended Buddy
+[Name] - [reason for pairing]
+
+### First Week Priorities
+1. [Priority based on their traits]
+2. [Priority based on their traits]
+3. [Priority based on their traits]
+
+### Red Flags to Watch
+- [Signal that they're struggling, based on profile]
+- [Signal that they're struggling, based on profile]
+```
+
+**Step 10: Compile Full Onboarding Plan**
+
+```markdown
+## Onboarding Plan: [New Hire Name]
+
+**Prepared:** [Date]
+**Start Date:** [Start Date]
+**Role:** [Title]
+**Manager:** [Manager Name]
+
+### Profile Summary
+- **Pattern:** [Archetype]
+- **Key Traits:** [Top 2-3 trait positions]
+- **EU:** [Survey value]
+
+### Team Integration
+
+**Natural Allies:**
+- [Name] - [reason]
+
+**Potential Friction:**
+- [Name] - [source and mitigation]
+
+**Recommended Buddy:** [Name]
+
+### Manager Adjustments
+1. [Adjustment based on trait gap]
+2. [Adjustment based on trait gap]
+
+### First 90 Days
+
+**Week 1:**
+- [Specific action]
+- [Specific action]
+
+**Days 8-30:**
+- [Focus area]
+- [Focus area]
+
+**Days 30-60:**
+- [Focus area]
+- [Focus area]
+
+**Days 60-90:**
+- [Focus area]
+- [Focus area]
+
+### Success Indicators
+- Day 30: [indicator]
+- Day 60: [indicator]
+- Day 90: [indicator]
+
+### Communication Preferences
+- **Style:** [based on traits]
+- **Frequency:** [based on C and B]
+- **Format:** [based on traits]
+
+### Motivators
+1. [Primary motivator]
+2. [Secondary motivator]
+
+### Watch Areas
+- [Signal they're struggling]
+- [Common challenge for this pattern]
+
+### Notes
+- [Any prediction vs actual differences]
+- [Any special considerations]
+```
+
+</process>
+
+<anti_patterns>
+
+Avoid these onboarding mistakes:
+
+- **One-size-fits-all onboarding**: Adjust approach based on their traits
+- **Ignoring manager compatibility**: Manager adjustments are critical for retention
+- **Assigning random buddies**: Match based on profile compatibility
+- **Over-socializing Low B's**: Respect their need for alone time
+- **Under-socializing High B's**: Include them quickly or they'll feel excluded
+- **Rushing High C's**: Give them time to settle into routines
+- **Boring Low C's**: Keep them engaged with variety
+- **Surprising High D's**: Provide structure and documentation
+
+</anti_patterns>
+
+<success_criteria>
+
+Onboarding plan is complete when:
+- [ ] New hire profile loaded and analyzed
+- [ ] Predicted vs actual comparison noted (if applicable)
+- [ ] All team profiles loaded
+- [ ] Natural allies identified with buddy recommendation
+- [ ] Friction points flagged with mitigations
+- [ ] Manager compatibility assessed with adjustments
+- [ ] First 30 days designed based on traits
+- [ ] 30-60 day plan created
+- [ ] 60-90 day plan created
+- [ ] Manager briefing prepared
+- [ ] Success indicators defined
+- [ ] Watch areas documented
+
+</success_criteria>

package/skills/security-culture-index/skills/interpreting-culture-index/workflows/predict-from-interview.md

@@ -0,0 +1,250 @@
+<required_reading>
+
+**Read these reference files before analyzing:**
+1. `references/interview-trait-signals.md` - Behavioral signals for each trait
+2. `references/primary-traits.md` - A, B, C, D trait details
+3. `references/secondary-traits.md` - L, I trait details
+4. `references/patterns-archetypes.md` - Pattern identification
+
+</required_reading>
+
+<purpose>
+
+Predict Culture Index traits from interview transcripts. This workflow is used when:
+- Candidates have been interviewed but haven't taken the CI survey yet
+- You want preliminary trait estimates before extending an offer
+- You want to compare predicted vs actual CI (after offer is signed)
+
+**Important:** This produces predictions, not diagnoses. The actual CI survey will be administered after an offer is signed and before the start date.
+
+</purpose>
+
+<process>
+
+**Step 1: Load the Transcript**
+
+Request the interview transcript. Ideal format includes:
+- Interviewer questions clearly marked
+- Candidate responses clearly marked
+- Timestamps or durations (helpful but not required)
+- Multiple interviews if available (more data = higher confidence)
+
+**Step 2: Initial Read-Through**
+
+First pass - get overall impression:
+- How does the candidate communicate?
+- What's their energy level?
+- What topics engage them most?
+- What's their default communication style?
+
+Note your initial gut sense before detailed analysis.
+
+**Step 3: Analyze A (Autonomy) Signals**
+
+Search transcript for:
+
+| Look For | High A | Low A |
+|----------|--------|-------|
+| Pronouns | "I decided", "I built" | "We decided", "Our team" |
+| Credit | Takes personal credit | Deflects to team |
+| Questions | Reframes, pushes back | Asks for clarification |
+| Initiative | Acted without being asked | Waited for direction |
+| Tone | Assertive, confident | Tentative, collaborative |
+
+**Record:**
+- Position: High / Low / Normative
+- Confidence: High / Medium / Low
+- Key quotes (2-3 examples)
+
+**Step 4: Analyze B (Social) Signals**
+
+Search transcript for:
+
+| Look For | High B | Low B |
+|----------|--------|-------|
+| Rapport | Builds connection, asks about interviewer | Gets straight to business |
+| Stories | People-centric narratives | Task-centric descriptions |
+| Responses | Verbose, talks through thinking | Brief, direct answers |
+| Energy | Animated, expressive | Reserved, measured |
+| Culture questions | Asks about team, social activities | Asks about work, tools |
+
+**Record:**
+- Position: High / Low / Normative
+- Confidence: High / Medium / Low
+- Key quotes (2-3 examples)
+
+**Step 5: Analyze C (Pace) Signals**
+
+Search transcript for:
+
+| Look For | High C | Low C |
+|----------|--------|-------|
+| Response speed | Pauses, thinks before answering | Rapid responses |
+| Structure | Methodical, sequential | Topic-jumps, tangents |
+| Ambiguity | Asks for clarification | Comfortable with unknowns |
+| Change | Prefers stability | Thrives with pivots |
+| Detail | One topic at a time | Multi-threads |
+
+**Record:**
+- Position: High / Low / Normative
+- Confidence: High / Medium / Low
+- Key quotes (2-3 examples)
+
+**Step 6: Analyze D (Conformity) Signals**
+
+Search transcript for:
+
+| Look For | High D | Low D |
+|----------|--------|-------|
+| Precision | Specific numbers, dates | Approximations, ranges |
+| Process | References rules, best practices | Describes creative approaches |
+| Answers | Structured, follows question format | Free-flowing, interpretive |
+| Quality | Mentions checking work, standards | Mentions outcomes, results |
+| Flexibility | Follows structure | Challenges premises |
+
+**Record:**
+- Position: High / Low / Normative
+- Confidence: High / Medium / Low
+- Key quotes (2-3 examples)
+
+**Step 7: Analyze L (Logic) - Absolute Scale**
+
+Search transcript for:
+
+| Look For | High L (8-10) | Low L (0-2) |
+|----------|---------------|-------------|
+| Framing | Data-driven, analytical | Values-driven, emotional |
+| Language | "The numbers showed..." | "It felt right..." |
+| Difficult topics | Emotion-neutral | Empathetic, emotional |
+| Decision-making | Evidence-based | Intuition-based |
+
+**Record:**
+- Score estimate: 0-10
+- Confidence: High / Medium / Low
+- Key quotes (1-2 examples)
+
+**Step 8: Analyze I (Ingenuity) - Absolute Scale**
+
+Search transcript for:
+
+| Look For | High I (7-10) | Low I (0-2) |
+|----------|---------------|-------------|
+| Problem-solving | Novel approaches | Proven methods |
+| Assumptions | Questions, challenges | Accepts, follows |
+| Examples | Original, creative | Standard, textbook |
+| Routine | Mentions boredom | Describes comfort |
+
+**Record:**
+- Score estimate: 0-10
+- Confidence: High / Medium / Low
+- Key quotes (1-2 examples)
+
+**Step 9: Identify Pattern**
+
+Based on trait positions, identify likely pattern:
+
+Cross-reference with `references/patterns-archetypes.md`:
+
+| If you see... | Likely pattern |
+|---------------|----------------|
+| High A, Low B, Low C, Low D | Architect/Visionary |
+| High A, High B, Low C | Rainmaker/Persuader |
+| Low A, Low B, High C, High D | Scholar/Specialist |
+| Low A, High B, High C | Accommodator |
+| Low A, Low B, Low C, High D | Technical Expert |
+
+**Only identify pattern if confidence is sufficient** - if traits are unclear, note "insufficient data for pattern identification."
+
+**Step 10: Flag Uncertainty Areas**
+
+Document where evidence is weak:
+- Traits with only 1-2 data points
+- Traits that showed inconsistent signals
+- Topics that weren't covered in interview
+- Signs of "interview mode" performance
+
+**Step 11: Generate Predicted Profile**
+
+Output using this structure:
+
+```markdown
+## Predicted Culture Index Profile: [Candidate Name]
+
+**Analysis Date:** [Date]
+**Transcript Source:** [Interview type, duration, interviewers]
+**Overall Confidence:** [High/Medium/Low]
+
+### Trait Predictions
+
+| Trait | Predicted | Confidence | Evidence |
+|-------|-----------|------------|----------|
+| A (Autonomy) | [High/Low/Norm] | [H/M/L] | "[Quote]" |
+| B (Social) | [High/Low/Norm] | [H/M/L] | "[Quote]" |
+| C (Pace) | [High/Low/Norm] | [H/M/L] | "[Quote]" |
+| D (Conformity) | [High/Low/Norm] | [H/M/L] | "[Quote]" |
+| L (Logic) | [0-10] | [H/M/L] | "[Quote]" |
+| I (Ingenuity) | [0-10] | [H/M/L] | "[Quote]" |
+
+### Predicted Pattern
+**[Pattern Name]** (if identifiable)
+
+[1-2 sentence description of what this pattern means]
+
+### Strongest Signals
+1. [Most clear trait signal with quote]
+2. [Second clearest signal with quote]
+
+### Uncertainty Areas
+- [Trait/area where more data needed]
+- [Trait/area where signals were mixed]
+
+### Interview Context Notes
+- [Any factors that may have affected behavior]
+- [Signs of interview performance mode]
+
+### Caveats
+- This is a prediction based on interview behavior, not a CI survey result
+- Interview stress may affect natural behavior patterns
+- Actual CI survey will be administered after offer acceptance
+- Use for preliminary assessment only - do not treat as definitive
+```
+
+</process>
+
+<verification>
+
+Before finalizing prediction:
+
+1. **Did I cite specific quotes?** Every trait prediction needs evidence
+2. **Did I note confidence levels?** Every trait needs H/M/L confidence
+3. **Did I flag uncertainties?** Where is evidence weak?
+4. **Did I include caveats?** Predictions are not diagnoses
+5. **Did I avoid over-confidence?** Especially for low-data traits
+
+</verification>
+
+<anti_patterns>
+
+Avoid these prediction mistakes:
+
+- **Over-interpreting single quotes**: One example isn't a pattern
+- **Ignoring interview context**: Stress affects behavior
+- **Treating predictions as definitive**: This is hypothesis, not diagnosis
+- **Skipping low-confidence traits**: Better to say "uncertain" than guess
+- **Assuming consistency**: Interview behavior may differ from daily behavior
+- **Forgetting to cite evidence**: Every claim needs a quote
+
+</anti_patterns>
+
+<success_criteria>
+
+Transcript analysis is complete when:
+- [ ] All 6 traits analyzed with position/score estimates
+- [ ] Each trait has confidence level (H/M/L)
+- [ ] Each trait has supporting quotes from transcript
+- [ ] Pattern identified (if sufficient confidence)
+- [ ] Uncertainty areas documented
+- [ ] Caveats clearly stated
+- [ ] Output follows standard format
+
+</success_criteria>

package/skills/security-differential-review/.claude-plugin/plugin.json

@@ -0,0 +1,10 @@
+{
+  "name": "differential-review",
+  "version": "1.0.0",
+  "description": "Security-focused differential review of code changes with git history analysis and blast radius estimation",
+  "author": {
+    "name": "Omar Inuwa",
+    "email": "opensource@trailofbits.com",
+    "url": "https://github.com/trailofbits"
+  }
+}

package/skills/security-differential-review/README.md

@@ -0,0 +1,109 @@
+# Differential Review
+
+Security-focused differential review of code changes with git history analysis and blast radius estimation.
+
+**Author:** Omar Inuwa
+
+## When to Use
+
+Use this skill when you need to:
+- Review PRs, commits, or diffs for security vulnerabilities
+- Detect security regressions (re-introduced vulnerabilities)
+- Analyze the blast radius of code changes
+- Check test coverage gaps for modified code
+
+## What It Does
+
+This skill performs comprehensive security review of code changes:
+
+- **Risk-First Analysis** - Prioritizes auth, crypto, value transfer, external calls
+- **Git History Analysis** - Uses blame to understand why code existed and detect regressions
+- **Blast Radius Calculation** - Quantifies impact by counting callers
+- **Test Coverage Gaps** - Identifies untested changes
+- **Adaptive Depth** - Scales analysis based on codebase size (small/medium/large)
+
+## Installation
+
+```
+/plugin install trailofbits/skills/plugins/differential-review
+```
+
+## Documentation Structure
+
+This skill uses a **modular documentation architecture** for token efficiency and progressive disclosure:
+
+### Core Entry Point
+- **[SKILL.md](skills/differential-review/SKILL.md)** - Main entry point (217 lines)
+  - Quick reference tables for triage
+  - Decision tree routing to detailed docs
+  - Quality checklist and red flags
+  - Integration with other skills
+
+### Supporting Documentation
+- **[methodology.md](skills/differential-review/methodology.md)** - Detailed phase-by-phase workflow (~200 lines)
+  - Pre-Analysis: Baseline context building
+  - Phase 0: Intake & Triage
+  - Phase 1: Changed Code Analysis
+  - Phase 2: Test Coverage Analysis
+  - Phase 3: Blast Radius Analysis
+  - Phase 4: Deep Context Analysis
+
+- **[adversarial.md](skills/differential-review/adversarial.md)** - Attacker modeling and exploit scenarios (~150 lines)
+  - Phase 5: Adversarial Vulnerability Analysis
+  - Attacker model definition (WHO/ACCESS/INTERFACE)
+  - Exploitability rating framework
+  - Complete exploit scenario templates
+
+- **[reporting.md](skills/differential-review/reporting.md)** - Report structure and formatting (~120 lines)
+  - Phase 6: Report Generation
+  - 9-section report template
+  - Formatting guidelines and conventions
+  - File naming and notification templates
+
+- **[patterns.md](skills/differential-review/patterns.md)** - Common vulnerability patterns (~80 lines)
+  - Security regressions detection
+  - Reentrancy, access control, overflow patterns
+  - Quick detection bash commands
+
+### Benefits of This Structure
+- **Token Efficient** - Load only the documentation you need
+- **Progressive Disclosure** - Quick reference for triage, detailed docs for deep analysis
+- **Maintainable** - Each concern separated into its own file
+- **Navigable** - Decision tree routes you to the right document
+
+## Workflow
+
+The complete workflow spans Pre-Analysis + Phases 0-6:
+
+1. **Pre-Analysis** - Build baseline context with `audit-context-building` skill (if available)
+2. **Phase 0: Intake** - Extract changes, assess size, risk-score files
+3. **Phase 1: Changed Code** - Analyze diffs, git blame, check for regressions
+4. **Phase 2: Test Coverage** - Identify coverage gaps
+5. **Phase 3: Blast Radius** - Calculate impact of changes
+6. **Phase 4: Deep Context** - Five Whys root cause analysis
+7. **Phase 5: Adversarial Analysis** - Hunt vulnerabilities with attacker model
+8. **Phase 6: Report** - Generate comprehensive markdown report
+
+**Navigation:** Use the decision tree in SKILL.md to jump directly to the phase you need.
+
+## Output
+
+Generates a markdown report with:
+- Executive summary with severity distribution
+- Critical findings with attack scenarios and PoCs
+- Test coverage analysis
+- Blast radius analysis
+- Historical context and regression risks
+- Actionable recommendations
+
+## Example Usage
+
+```
+Review the security implications of this PR:
+git diff main..feature/auth-changes
+```
+
+## Related Skills
+
+- `context-building` - Used for baseline context analysis
+- `issue-writer` - Transform findings into formal audit reports