@hera-al/server 1.6.12 → 1.6.13

package/bundled/sera/SKILL.md

@@ -0,0 +1,143 @@
+---
+name: sera
+description: "Evening task collector and overnight work planner. Runs at 23:00 — collects open tasks, plans overnight autonomous work, and optionally says goodnight."
+user-invocable: false
+priority: 2
+---
+
+# Sera — Evening Task Collector & Night Planner
+
+Cron giornaliero alle 23:00. Sessione isolata.
+
+## Philosophy
+
+"Go to sleep — I'll have everything ready by morning."
+
+This is the evening counterpart to buongiorno. While buongiorno REPORTS what happened overnight, sera PLANS what to do overnight. The goal: the user wakes up to completed work, not pending tasks.
+
+## Flusso
+
+### 1. Collect Open Tasks 📋
+
+Scan ALL sources for unfinished business:
+
+1. **Today's conversations** — Read `memory/YYYY-MM-DD*.md` for today. Extract:
+   - Tasks the user mentioned but weren't completed
+   - Questions left unanswered
+   - Ideas discussed that need follow-up
+   - "TODO" or "domani" or "dopo" mentions
+
+2. **HEARTBEAT.md** — Any unchecked items from today's checklist?
+
+3. **MEMORY.md** — Open TODOs section: any that can be advanced?
+
+4. **workspace/agent-thoughts/INDEX.md** — Active personal projects with pending next steps?
+
+5. **Google Calendar** — Check tomorrow's events. Anything to prepare?
+
+6. **Recent wandering thoughts** — Any actionable ideas from today's wandering?
+
+### 2. Triage & Plan 🎯
+
+For each open task, classify:
+
+**🟢 Can do autonomously tonight:**
+- Research tasks (web search, reading, analysis)
+- File organization, documentation updates
+- Draft preparation (emails, documents, code)
+- Memory maintenance (MEMORY.md cleanup)
+- Personal project progress
+- Preparing materials for tomorrow's events
+
+**🟡 Partially doable — needs the user's input tomorrow:**
+- Tasks where you can do 80% and flag the remaining 20%
+- Research the options, present recommendations in morning standup
+
+**🔴 Cannot do — needs the user:**
+- External actions (emails, posts, purchases)
+- Decisions requiring human judgment
+- Access to systems you don't have
+
+### 3. Execute Overnight Work Plan 🌙
+
+**DO the green tasks NOW** (or as many as time allows). This isn't just planning — it's DOING.
+
+For each task you complete:
+1. Do the actual work
+2. Save results to appropriate files
+3. Note completion in `HEARTBEAT.md`
+
+For yellow tasks:
+1. Do what you can
+2. Save progress in workspace
+3. Write clear "needs your input on X" for morning standup
+
+### 4. Update HEARTBEAT.md 📝
+
+Rewrite HEARTBEAT.md as overnight work status + tomorrow's checklist:
+
+```markdown
+# HEARTBEAT.md
+
+## Overnight Work (sera 2026-MM-DD)
+- ✅ [completed task]
+- 🔄 [in progress task — where it's at]
+- 🚫 [blocked — what's needed]
+
+## Tomorrow's Checklist
+- [ ] [priority item for tomorrow]
+- [ ] [item needing user's input]
+- [ ] [self-improvement item]
+```
+
+### 5. Message the User (Optional)
+
+**Channel**: `{{CHANNEL}}`
+**ChatId**: `{{CHAT_ID}}`
+
+**Send a message ONLY if:**
+- You have significant overnight work planned (the user should know)
+- Tomorrow has important events to prepare for
+- You completed something significant during the sera scan itself
+
+**Message format (when sending):**
+```
+Goodnight!
+
+I'll handle tonight:
+- [task 1 you'll work on]
+- [task 2]
+
+For tomorrow you'll need to:
+- [anything that needs their decision]
+
+See you in the morning!
+```
+
+**Do NOT send if:**
+- Nothing interesting to report
+- All tasks are trivial
+- It's just routine maintenance
+
+**Tone**: Brief, warm, reassuring. "I've got this."
+
+### 6. Log
+
+Append to `workspace/agent-thoughts/sera-log.md`:
+
+```
+## YYYY-MM-DD
+- Open tasks found: N
+- Autonomous tonight: N
+- Needs user: N
+- Work started: [list]
+- Message sent: yes/no
+```
+
+## Rules
+
+- **DO, don't just plan.** The whole point is to deliver results by morning.
+- **Respect token budget** — don't burn $20 overnight on trivial stuff. Pick high-value tasks.
+- **If nothing's open, that's fine.** Update HEARTBEAT.md with "Notte tranquilla" and skip the message.
+- **Quality over quantity** — better to complete 1 task well than start 5 and finish none.
+- **Always update HEARTBEAT.md** — this is the handoff document for tomorrow's buongiorno.

package/bundled/the-skill-guardian/SKILL.md

@@ -0,0 +1,103 @@
+---
+name: the-skill-guardian
+description: "Security scanner for AI agent skills. Detects 90+ malicious patterns (code exec, shell injection, data exfiltration, credential theft, persistence, prompt injection). Use BEFORE installing any third-party skill."
+user-invocable: true
+command-dispatch: tool
+command-tool: Bash
+command-arg-mode: raw
+priority: 2
+---
+
+# The Skill Guardian
+
+Static security scanner for AI agent skills. Analyzes skill directories for malicious patterns **without executing any code**. Read-only, zero dependencies beyond bash/grep/jq.
+
+## When to Use
+
+- **ALWAYS** before installing a third-party skill
+- When asked to review a skill for security
+- Periodically on existing skills to verify integrity
+- When a skill's code has been updated
+
+## Usage
+
+### Scan a single skill
+
+```bash
+.claude/skills/the-skill-guardian/scripts/scan.sh /path/to/skill
+```
+
+### Scan all skills in a directory
+
+```bash
+.claude/skills/the-skill-guardian/scripts/scan.sh --all /path/to/skills/
+```
+
+### Scan with JSON report
+
+```bash
+.claude/skills/the-skill-guardian/scripts/scan.sh --report /path/to/skill
+```
+
+Reports are saved to `~/.gmab-skill-reports/`.
+
+### Scan our own skills
+
+```bash
+.claude/skills/the-skill-guardian/scripts/scan.sh --all .claude/skills/
+```
+
+## What It Detects (90+ patterns)
+
+### CRITICAL — Immediate danger, do NOT install
+- **Code execution**: `eval()`, `exec()`, `__import__()`, `compile()`
+- **Shell injection**: `shell=True`, `os.system()`, `pty.spawn()`
+- **Reverse shells**: netcat, `/dev/tcp/`, mkfifo patterns
+- **Credential theft**: `.ssh/`, `.env`, `.aws/credentials`, `/etc/shadow`
+- **Persistence**: crontab, launchctl, systemd, shell profile mods (`.bashrc`, `.zshrc`)
+- **Destructive ops**: `rm -rf /`, `dd if=`, fork bombs
+- **Crypto theft**: wallet, seed phrase, private key, mnemonic
+- **Obfuscation**: base64 decode execution, hex-encoded strings
+
+### HIGH — Suspicious, needs manual review
+- **Shell pipes**: `curl | bash`, `wget | sh`
+- **Process control**: subprocess, child_process, spawn
+- **Network tools**: netcat, socat, nmap
+- **Data exfil**: SMTP, Discord/Slack/Telegram webhooks
+- **Privilege escalation**: sudo, chmod 777, setuid
+- **Prompt injection**: "ignore previous instructions", role hijack, jailbreak
+
+### MEDIUM — Worth noting, usually benign
+- **HTTP requests**: requests, fetch, axios, urllib
+- **File operations**: write, delete, rmtree
+- **Dynamic imports**: importlib, require()
+- **Environment access**: os.environ, process.env
+
+## Verdicts
+
+| Verdict | Exit Code | Meaning |
+|---|---|---|
+| **SAFE** | 0 | No critical or high findings |
+| **SUSPICIOUS** | 2 | High-level findings, needs manual review |
+| **DANGEROUS** | 1 | Critical findings, do NOT install |
+
+## Internal Use
+
+When downloading or reviewing any third-party skill:
+
+1. Download/clone to a temporary directory
+2. Run the scanner BEFORE installing
+3. If DANGEROUS: **refuse to install**, explain findings to user
+4. If SUSPICIOUS: **ask user for confirmation**, explain findings
+5. If SAFE: proceed with installation
+
+The scanner skips its own directory to avoid self-detection false positives.
+
+## Limitations
+
+- **Static analysis only** — cannot detect runtime-generated malicious behavior
+- **Pattern-based** — sophisticated obfuscation may evade detection
+- **No sandboxing** — does not execute code to observe behavior
+- **Not a substitute for code review** — always read the code of critical skills
+
+For maximum security, combine with manual code review.

package/bundled/the-skill-guardian/scripts/scan.sh

@@ -0,0 +1,314 @@
+#!/usr/bin/env bash
+# The Skill Guardian — Static security scanner for AI agent skills
+# Analyzes skill directories for malicious patterns WITHOUT executing any code.
+#
+# Usage:
+#   scan.sh <skill_path>              Scan a single skill directory
+#   scan.sh --all <skills_root>       Scan all skills in a directory
+#   scan.sh --report <skill_path>     Scan and output JSON report
+#
+# Exit codes:
+#   0 = SAFE (no critical/high findings)
+#   1 = DANGEROUS (critical findings)
+#   2 = SUSPICIOUS (high findings, no critical)
+#   3 = Usage error
+
+set -euo pipefail
+
+VERSION="1.0.0"
+REPORT_DIR="${HOME}/.gmab-skill-reports"
+SELF_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+
+# Colors
+RED=''; YELLOW=''; CYAN=''; GREEN=''; BOLD=''; NC=''
+if [[ -t 1 ]]; then
+  RED='\033[0;31m'; YELLOW='\033[1;33m'; CYAN='\033[0;36m'
+  GREEN='\033[0;32m'; BOLD='\033[1m'; NC='\033[0m'
+fi
+
+# Temp file for findings
+FINDINGS_FILE=$(mktemp)
+trap 'rm -f "$FINDINGS_FILE"' EXIT
+
+# --- Pattern scan using grep (FAST) ---
+# Each call: grep_pattern "LEVEL" "CATEGORY" "DESCRIPTION" "REGEX" <files...>
+grep_pattern() {
+  local level="$1" category="$2" description="$3" pattern="$4"
+  shift 4
+  # Run grep, format output, append to findings
+  grep -inHE "$pattern" "$@" 2>/dev/null | while IFS=: read -r file lineno content; do
+    printf '%s|%s|%s|%s:%s|%s\n' "$level" "$category" "$description" "$file" "$lineno" "$(echo "$content" | head -c 120)"
+  done >> "$FINDINGS_FILE" || true
+}
+
+scan_skill() {
+  local skill_path="$1"
+  local skill_name
+  skill_name=$(basename "$skill_path")
+
+  if [[ ! -d "$skill_path" ]]; then
+    echo "ERROR: Not a directory: $skill_path" >&2
+    return 3
+  fi
+
+  # Reset findings
+  > "$FINDINGS_FILE"
+
+  # Collect scannable files (excluding the-skill-guardian itself)
+  local files_list
+  files_list=$(mktemp)
+  find "$skill_path" -type f \( \
+    -name "*.sh" -o -name "*.bash" -o -name "*.py" -o -name "*.js" -o -name "*.ts" \
+    -o -name "*.mjs" -o -name "*.cjs" -o -name "*.rb" -o -name "*.pl" -o -name "*.php" \
+    -o -name "*.go" -o -name "*.rs" -o -name "*.java" -o -name "*.c" -o -name "*.cpp" \
+    -o -name "*.yaml" -o -name "*.yml" -o -name "*.json" -o -name "*.toml" \
+    -o -name "*.md" -o -name "*.txt" -o -name "*.cfg" -o -name "*.conf" -o -name "*.ini" \
+  \) 2>/dev/null | grep -v "the-skill-guardian" > "$files_list" || true
+
+  local file_count
+  file_count=$(wc -l < "$files_list" | tr -d ' ')
+
+  if [[ "$file_count" -eq 0 ]]; then
+    echo "  No scannable files found in $skill_path"
+    rm -f "$files_list"
+    return 0
+  fi
+
+  # Read files into array for xargs
+  local -a files=()
+  while IFS= read -r f; do
+    [[ -n "$f" ]] && files+=("$f")
+  done < "$files_list"
+  rm -f "$files_list"
+
+  # === CRITICAL patterns ===
+  grep_pattern "CRITICAL" "code-exec" "Dynamic code execution (eval)" 'eval(' "${files[@]}"
+  grep_pattern "CRITICAL" "code-exec" "Dynamic code execution (exec)" 'exec(' "${files[@]}"
+  grep_pattern "CRITICAL" "code-exec" "Dynamic Python import" '__import__(' "${files[@]}"
+  grep_pattern "CRITICAL" "code-exec" "Runtime code compilation" 'compile(' "${files[@]}"
+  grep_pattern "CRITICAL" "shell" "Shell injection risk" 'shell=True' "${files[@]}"
+  grep_pattern "CRITICAL" "shell" "Pseudo-terminal spawn" 'pty\.spawn' "${files[@]}"
+  grep_pattern "CRITICAL" "shell" "OS system command execution" 'os\.system(' "${files[@]}"
+  grep_pattern "CRITICAL" "shell" "OS popen command execution" 'os\.popen(' "${files[@]}"
+  grep_pattern "CRITICAL" "exfil" "Reverse shell pattern" 'reverse.shell' "${files[@]}"
+  grep_pattern "CRITICAL" "exfil" "Netcat reverse shell" 'nc -e' "${files[@]}"
+  grep_pattern "CRITICAL" "exfil" "Named pipe (FIFO) — reverse shell" 'mkfifo' "${files[@]}"
+  grep_pattern "CRITICAL" "exfil" "Bash TCP device — exfiltration" '/dev/tcp/' "${files[@]}"
+  grep_pattern "CRITICAL" "exfil" "Telnet access" 'telnet ' "${files[@]}"
+  grep_pattern "CRITICAL" "crypto" "Cryptocurrency wallet access" 'wallet' "${files[@]}"
+  grep_pattern "CRITICAL" "crypto" "Seed phrase extraction" 'seed.phrase' "${files[@]}"
+  grep_pattern "CRITICAL" "crypto" "Private key extraction" 'private.key' "${files[@]}"
+  grep_pattern "CRITICAL" "crypto" "Mnemonic phrase extraction" 'mnemonic' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "SSH directory access" '\.ssh/' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "SSH private key access" 'id_rsa' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "AWS credentials access" '\.aws/credentials' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "Environment file access" '\.env' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "System password file" '/etc/shadow' "${files[@]}"
+  grep_pattern "CRITICAL" "cred-theft" "System user file" '/etc/passwd' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "Cron job modification" 'crontab' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "macOS launch agent" 'launchctl' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "Systemd manipulation" 'systemctl' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "Shell profile modification (.bashrc)" '\.bashrc' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "Shell profile modification (.zshrc)" '\.zshrc' "${files[@]}"
+  grep_pattern "CRITICAL" "persistence" "Shell profile modification (.profile)" '\.profile' "${files[@]}"
+  grep_pattern "CRITICAL" "destructive" "Recursive root deletion" 'rm -rf /' "${files[@]}"
+  grep_pattern "CRITICAL" "destructive" "Fork bomb pattern" ':\(\)\{ :' "${files[@]}"
+  grep_pattern "CRITICAL" "destructive" "Raw disk operations" 'dd if=' "${files[@]}"
+  grep_pattern "CRITICAL" "obfuscation" "Base64 decode execution" 'base64 -d' "${files[@]}"
+  grep_pattern "CRITICAL" "obfuscation" "Base64 decode execution" 'base64 --decode' "${files[@]}"
+  grep_pattern "CRITICAL" "obfuscation" "JS base64 decode" 'atob(' "${files[@]}"
+
+  # === HIGH patterns ===
+  grep_pattern "HIGH" "network" "Curl pipe to shell" 'curl.*\|.*sh' "${files[@]}"
+  grep_pattern "HIGH" "network" "Wget pipe to shell" 'wget.*\|.*sh' "${files[@]}"
+  grep_pattern "HIGH" "shell" "Python subprocess usage" 'subprocess' "${files[@]}"
+  grep_pattern "HIGH" "shell" "Node.js child process" 'child_process' "${files[@]}"
+  grep_pattern "HIGH" "shell" "Pipe to bash" '\| *bash' "${files[@]}"
+  grep_pattern "HIGH" "network" "Netcat usage" 'netcat' "${files[@]}"
+  grep_pattern "HIGH" "network" "Socat usage" 'socat' "${files[@]}"
+  grep_pattern "HIGH" "network" "Network scanning" 'nmap' "${files[@]}"
+  grep_pattern "HIGH" "exfil" "SMTP/email sending" 'smtp' "${files[@]}"
+  grep_pattern "HIGH" "exfil" "Mail sending" 'sendmail' "${files[@]}"
+  grep_pattern "HIGH" "exfil" "Discord webhook exfiltration" 'discord\.webhook' "${files[@]}"
+  grep_pattern "HIGH" "exfil" "Slack webhook exfiltration" 'slack\.webhook' "${files[@]}"
+  grep_pattern "HIGH" "exfil" "Telegram bot exfiltration" 'telegram\.org/bot' "${files[@]}"
+  grep_pattern "HIGH" "file-ops" "World-writable permissions" 'chmod 777' "${files[@]}"
+  grep_pattern "HIGH" "file-ops" "SetUID/SetGID bit" 'chmod +s' "${files[@]}"
+  grep_pattern "HIGH" "file-ops" "Privilege escalation" 'sudo ' "${files[@]}"
+  grep_pattern "HIGH" "prompt-inject" "Prompt injection attempt" 'ignore previous' "${files[@]}"
+  grep_pattern "HIGH" "prompt-inject" "Prompt injection attempt" 'ignore all instructions' "${files[@]}"
+  grep_pattern "HIGH" "prompt-inject" "Role hijack attempt" 'jailbreak' "${files[@]}"
+  grep_pattern "HIGH" "prompt-inject" "DAN jailbreak" 'DAN mode' "${files[@]}"
+
+  # === MEDIUM patterns ===
+  grep_pattern "MEDIUM" "network" "Python HTTP requests" 'requests\.' "${files[@]}"
+  grep_pattern "MEDIUM" "network" "Python URL library" 'urllib' "${files[@]}"
+  grep_pattern "MEDIUM" "network" "JavaScript fetch API" 'fetch(' "${files[@]}"
+  grep_pattern "MEDIUM" "network" "Axios HTTP client" 'axios' "${files[@]}"
+  grep_pattern "MEDIUM" "network" "Socket operations" 'socket' "${files[@]}"
+  grep_pattern "MEDIUM" "file-ops" "Node.js file write" 'writeFile' "${files[@]}"
+  grep_pattern "MEDIUM" "file-ops" "Recursive directory removal" 'shutil\.rmtree' "${files[@]}"
+  grep_pattern "MEDIUM" "env" "Environment variable access" 'os\.environ' "${files[@]}"
+  grep_pattern "MEDIUM" "env" "Node.js environment access" 'process\.env' "${files[@]}"
+
+  # Count findings
+  local critical_count high_count medium_count
+  critical_count=$(grep -c "^CRITICAL|" "$FINDINGS_FILE" 2>/dev/null || true)
+  critical_count=${critical_count:-0}; critical_count=${critical_count//[^0-9]/}; critical_count=${critical_count:-0}
+  high_count=$(grep -c "^HIGH|" "$FINDINGS_FILE" 2>/dev/null || true)
+  high_count=${high_count:-0}; high_count=${high_count//[^0-9]/}; high_count=${high_count:-0}
+  medium_count=$(grep -c "^MEDIUM|" "$FINDINGS_FILE" 2>/dev/null || true)
+  medium_count=${medium_count:-0}; medium_count=${medium_count//[^0-9]/}; medium_count=${medium_count:-0}
+  local total=$((critical_count + high_count + medium_count))
+
+  # Verdict
+  local verdict="SAFE" exit_code=0
+  if [[ $critical_count -gt 0 ]]; then
+    verdict="DANGEROUS"; exit_code=1
+  elif [[ $high_count -gt 0 ]]; then
+    verdict="SUSPICIOUS"; exit_code=2
+  fi
+
+  # Print report
+  echo ""
+  echo "======================================================"
+  echo "  SKILL GUARDIAN — Security Report"
+  echo "======================================================"
+  echo ""
+  echo "  Skill:    ${skill_name}"
+  echo "  Path:     ${skill_path}"
+  echo "  Files:    ${file_count} scanned"
+  echo "  Findings: ${total} total"
+  echo ""
+  echo "  CRITICAL: ${critical_count}"
+  echo "  HIGH:     ${high_count}"
+  echo "  MEDIUM:   ${medium_count}"
+  echo ""
+  echo "  Verdict:  ${verdict}"
+  echo "======================================================"
+
+  if [[ $total -gt 0 ]]; then
+    echo ""
+
+    if [[ $critical_count -gt 0 ]]; then
+      echo "CRITICAL FINDINGS:"
+      grep "^CRITICAL|" "$FINDINGS_FILE" | while IFS='|' read -r level category description location context; do
+        echo "  [${category}] ${description}"
+        echo "    -> ${location}"
+        echo "    ${context}"
+        echo ""
+      done
+    fi
+
+    if [[ $high_count -gt 0 ]]; then
+      echo "HIGH FINDINGS:"
+      grep "^HIGH|" "$FINDINGS_FILE" | while IFS='|' read -r level category description location context; do
+        echo "  [${category}] ${description}"
+        echo "    -> ${location}"
+        echo "    ${context}"
+        echo ""
+      done
+    fi
+
+    if [[ $medium_count -gt 0 ]]; then
+      echo "MEDIUM FINDINGS:"
+      grep "^MEDIUM|" "$FINDINGS_FILE" | while IFS='|' read -r level category description location context; do
+        echo "  [${category}] ${description} — ${location}"
+      done
+      echo ""
+    fi
+  else
+    echo ""
+    echo "  No suspicious patterns detected."
+    echo ""
+  fi
+
+  # JSON report
+  if [[ "${REPORT_MODE:-false}" == "true" ]]; then
+    mkdir -p "$REPORT_DIR"
+    local timestamp
+    timestamp=$(date +%Y%m%d-%H%M%S)
+    local report_file="${REPORT_DIR}/${skill_name}-${timestamp}.json"
+
+    local findings_json="[]"
+    if [[ $total -gt 0 ]]; then
+      findings_json=$(grep -v '^$' "$FINDINGS_FILE" | while IFS='|' read -r level category description location context; do
+        [[ -z "$level" ]] && continue
+        jq -n --arg l "$level" --arg c "$category" --arg d "$description" --arg loc "$location" --arg ctx "$context" \
+          '{level:$l, category:$c, description:$d, location:$loc, context:$ctx}'
+      done | jq -s '.')
+    fi
+
+    jq -n \
+      --arg skill "$skill_name" --arg path "$skill_path" --arg verdict "$verdict" \
+      --argjson critical "$critical_count" --argjson high "$high_count" --argjson medium "$medium_count" \
+      --argjson files "$file_count" --arg ts "$(date -u +%Y-%m-%dT%H:%M:%SZ)" --arg ver "$VERSION" \
+      --argjson findings "$findings_json" \
+      '{scanner:"The Skill Guardian",version:$ver,timestamp:$ts,skill:$skill,path:$path,verdict:$verdict,summary:{critical:$critical,high:$high,medium:$medium,files_scanned:$files},findings:$findings}' \
+      > "$report_file"
+
+    echo "  Report saved: ${report_file}"
+    echo ""
+  fi
+
+  return $exit_code
+}
+
+# --- Main ---
+REPORT_MODE="false"
+MODE="single"
+TARGET=""
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --all) MODE="all"; shift ;;
+    --report) REPORT_MODE="true"; shift ;;
+    --help|-h)
+      echo "The Skill Guardian v${VERSION} — AI Skill Security Scanner"
+      echo ""
+      echo "Usage:"
+      echo "  scan.sh <skill_path>          Scan a single skill"
+      echo "  scan.sh --all <skills_root>   Scan all skills"
+      echo "  scan.sh --report <path>       Scan with JSON report"
+      echo ""
+      echo "Exit codes: 0=SAFE, 1=DANGEROUS, 2=SUSPICIOUS, 3=ERROR"
+      exit 3 ;;
+    --version|-v) echo "The Skill Guardian v${VERSION}"; exit 0 ;;
+    *) TARGET="$1"; shift ;;
+  esac
+done
+
+[[ -z "$TARGET" ]] && { echo "Usage: scan.sh [--all] [--report] <path>"; exit 3; }
+
+TARGET=$(cd "$TARGET" 2>/dev/null && pwd || echo "$TARGET")
+
+if [[ "$MODE" == "all" ]]; then
+  overall_exit=0
+  skill_count=0
+
+  echo ""
+  echo "SKILL GUARDIAN — Scanning all skills in: ${TARGET}"
+  echo ""
+
+  for skill_dir in "$TARGET"/*/; do
+    [[ ! -d "$skill_dir" ]] && continue
+    skill_count=$((skill_count + 1))
+    scan_skill "$skill_dir" || {
+      code=$?
+      [[ $code -gt $overall_exit ]] && overall_exit=$code
+    }
+  done
+
+  echo ""
+  echo "Scanned ${skill_count} skill(s)."
+  case $overall_exit in
+    0) echo "Overall: ALL SAFE" ;;
+    1) echo "Overall: DANGEROUS SKILLS FOUND" ;;
+    2) echo "Overall: SUSPICIOUS SKILLS FOUND" ;;
+  esac
+
+  exit $overall_exit
+else
+  scan_skill "$TARGET"
+  exit $?
+fi

package/bundled/unix-time/SKILL.md

@@ -0,0 +1,58 @@
+---
+name: unix-time
+description: Convert a datetime string to a Unix timestamp (seconds since epoch). Use this skill whenever you need to generate a Unix timestamp to avoid manual calculation errors.
+user-invocable: true
+command-dispatch: tool
+command-tool: Bash
+command-arg-mode: raw
+metadata: {"openclaw":{"emoji":"⏱️","always":true}}
+priority: 8
+---
+
+# Unix Time Converter
+
+Convert a datetime string to a Unix timestamp using the `date` command.
+
+## Usage
+
+When invoked as `/unix-time <datetime>`, run:
+
+```bash
+date -j -f "%Y-%m-%d %H:%M:%S" "<datetime>" "+%s"
+```
+
+The input `<datetime>` must be in `YYYY-MM-DD HH:MM:SS` format and is interpreted in the **local timezone**.
+
+## Examples
+
+- `/unix-time 2025-03-15 14:30:00` → runs `date -j -f "%Y-%m-%d %H:%M:%S" "2025-03-15 14:30:00" "+%s"`
+- `/unix-time 2026-01-01 00:00:00` → runs `date -j -f "%Y-%m-%d %H:%M:%S" "2026-01-01 00:00:00" "+%s"`
+
+## Internal Use
+
+Whenever you need to produce a Unix timestamp from a datetime, **always use this method** instead of calculating manually. Run:
+
+```bash
+date -j -f "%Y-%m-%d %H:%M:%S" "YYYY-MM-DD HH:MM:SS" "+%s"
+```
+
+This ensures correct timezone handling and eliminates calculation errors.
+
+## Other Formats
+
+If the input is in a different format, adapt the format string accordingly:
+
+| Input format | `-f` flag |
+|---|---|
+| `2025-03-15 14:30:00` | `%Y-%m-%d %H:%M:%S` |
+| `2025-03-15` (date only, midnight) | `%Y-%m-%d` |
+| `15/03/2025 14:30` | `%d/%m/%Y %H:%M` |
+| ISO 8601 `2025-03-15T14:30:00` | `%Y-%m-%dT%H:%M:%S` |
+
+## UTC Output
+
+To get the timestamp interpreting the input as UTC:
+
+```bash
+TZ=UTC date -j -f "%Y-%m-%d %H:%M:%S" "2025-03-15 14:30:00" "+%s"
+```