@rubix0270/arboris 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (451) hide show
  1. package/package.json +25 -37
  2. package/run.mjs +10 -0
  3. package/dist/cli.mjs +0 -383
  4. package/manifest.json +0 -323
  5. package/prisma/skills/accessibility/SKILL.md +0 -147
  6. package/prisma/skills/agent-architecture-audit/SKILL.md +0 -257
  7. package/prisma/skills/agent-eval/SKILL.md +0 -146
  8. package/prisma/skills/agent-harness-construction/SKILL.md +0 -74
  9. package/prisma/skills/agent-introspection-debugging/SKILL.md +0 -154
  10. package/prisma/skills/agent-payment-x402/SKILL.md +0 -225
  11. package/prisma/skills/agent-self-evaluation/SKILL.md +0 -182
  12. package/prisma/skills/agent-self-evaluation/examples/high-score-example.md +0 -87
  13. package/prisma/skills/agent-self-evaluation/examples/low-score-example.md +0 -86
  14. package/prisma/skills/agent-self-evaluation/references/evaluation-criteria.md +0 -71
  15. package/prisma/skills/agent-self-evaluation/references/hook-integration.md +0 -64
  16. package/prisma/skills/agent-self-evaluation/scripts/evaluate.py +0 -408
  17. package/prisma/skills/agent-self-evaluation/templates/evaluation-report.md +0 -86
  18. package/prisma/skills/agent-sort/SKILL.md +0 -216
  19. package/prisma/skills/agentic-engineering/SKILL.md +0 -64
  20. package/prisma/skills/agentic-os/SKILL.md +0 -388
  21. package/prisma/skills/ai-first-engineering/SKILL.md +0 -52
  22. package/prisma/skills/ai-regression-testing/SKILL.md +0 -386
  23. package/prisma/skills/android-clean-architecture/SKILL.md +0 -340
  24. package/prisma/skills/angular-developer/SKILL.md +0 -155
  25. package/prisma/skills/angular-developer/references/angular-animations.md +0 -160
  26. package/prisma/skills/angular-developer/references/angular-aria.md +0 -410
  27. package/prisma/skills/angular-developer/references/cli.md +0 -86
  28. package/prisma/skills/angular-developer/references/component-harnesses.md +0 -59
  29. package/prisma/skills/angular-developer/references/component-styling.md +0 -91
  30. package/prisma/skills/angular-developer/references/components.md +0 -117
  31. package/prisma/skills/angular-developer/references/creating-services.md +0 -97
  32. package/prisma/skills/angular-developer/references/data-resolvers.md +0 -69
  33. package/prisma/skills/angular-developer/references/define-routes.md +0 -67
  34. package/prisma/skills/angular-developer/references/defining-providers.md +0 -72
  35. package/prisma/skills/angular-developer/references/di-fundamentals.md +0 -120
  36. package/prisma/skills/angular-developer/references/e2e-testing.md +0 -56
  37. package/prisma/skills/angular-developer/references/effects.md +0 -83
  38. package/prisma/skills/angular-developer/references/hierarchical-injectors.md +0 -43
  39. package/prisma/skills/angular-developer/references/host-elements.md +0 -80
  40. package/prisma/skills/angular-developer/references/injection-context.md +0 -63
  41. package/prisma/skills/angular-developer/references/inputs.md +0 -101
  42. package/prisma/skills/angular-developer/references/linked-signal.md +0 -59
  43. package/prisma/skills/angular-developer/references/loading-strategies.md +0 -61
  44. package/prisma/skills/angular-developer/references/mcp.md +0 -108
  45. package/prisma/skills/angular-developer/references/navigate-to-routes.md +0 -69
  46. package/prisma/skills/angular-developer/references/outputs.md +0 -86
  47. package/prisma/skills/angular-developer/references/reactive-forms.md +0 -122
  48. package/prisma/skills/angular-developer/references/rendering-strategies.md +0 -44
  49. package/prisma/skills/angular-developer/references/resource.md +0 -77
  50. package/prisma/skills/angular-developer/references/route-animations.md +0 -56
  51. package/prisma/skills/angular-developer/references/route-guards.md +0 -52
  52. package/prisma/skills/angular-developer/references/router-lifecycle.md +0 -45
  53. package/prisma/skills/angular-developer/references/router-testing.md +0 -87
  54. package/prisma/skills/angular-developer/references/show-routes-with-outlets.md +0 -68
  55. package/prisma/skills/angular-developer/references/signal-forms.md +0 -795
  56. package/prisma/skills/angular-developer/references/signals-overview.md +0 -94
  57. package/prisma/skills/angular-developer/references/tailwind-css.md +0 -69
  58. package/prisma/skills/angular-developer/references/template-driven-forms.md +0 -114
  59. package/prisma/skills/angular-developer/references/testing-fundamentals.md +0 -65
  60. package/prisma/skills/api-connector-builder/SKILL.md +0 -121
  61. package/prisma/skills/api-design/SKILL.md +0 -524
  62. package/prisma/skills/architecture-decision-records/SKILL.md +0 -180
  63. package/prisma/skills/article-writing/SKILL.md +0 -80
  64. package/prisma/skills/automation-audit-ops/SKILL.md +0 -143
  65. package/prisma/skills/autonomous-agent-harness/SKILL.md +0 -274
  66. package/prisma/skills/autonomous-loops/SKILL.md +0 -611
  67. package/prisma/skills/backend-patterns/SKILL.md +0 -562
  68. package/prisma/skills/benchmark/SKILL.md +0 -94
  69. package/prisma/skills/benchmark-methodology/SKILL.md +0 -190
  70. package/prisma/skills/benchmark-optimization-loop/SKILL.md +0 -70
  71. package/prisma/skills/blender-motion-state-inspection/SKILL.md +0 -165
  72. package/prisma/skills/blueprint/SKILL.md +0 -106
  73. package/prisma/skills/brand-discovery/SKILL.md +0 -145
  74. package/prisma/skills/brand-discovery/references/10_purpose-why.md +0 -40
  75. package/prisma/skills/brand-discovery/references/20_positioning.md +0 -44
  76. package/prisma/skills/brand-discovery/references/30_audience-niche.md +0 -52
  77. package/prisma/skills/brand-discovery/references/40_personality-archetype.md +0 -57
  78. package/prisma/skills/brand-discovery/references/50_voice-tone.md +0 -59
  79. package/prisma/skills/brand-discovery/references/60_narrative-story.md +0 -50
  80. package/prisma/skills/brand-discovery/references/70_founder-tension.md +0 -49
  81. package/prisma/skills/brand-discovery/references/90_SYNTHESIS.md +0 -133
  82. package/prisma/skills/brand-voice/SKILL.md +0 -98
  83. package/prisma/skills/brand-voice/references/voice-profile-schema.md +0 -55
  84. package/prisma/skills/browser-qa/SKILL.md +0 -105
  85. package/prisma/skills/bun-runtime/SKILL.md +0 -85
  86. package/prisma/skills/canary-watch/SKILL.md +0 -108
  87. package/prisma/skills/carrier-relationship-management/SKILL.md +0 -212
  88. package/prisma/skills/cisco-ios-patterns/SKILL.md +0 -164
  89. package/prisma/skills/ck/SKILL.md +0 -148
  90. package/prisma/skills/ck/commands/forget.mjs +0 -44
  91. package/prisma/skills/ck/commands/info.mjs +0 -24
  92. package/prisma/skills/ck/commands/init.mjs +0 -143
  93. package/prisma/skills/ck/commands/list.mjs +0 -40
  94. package/prisma/skills/ck/commands/migrate.mjs +0 -202
  95. package/prisma/skills/ck/commands/resume.mjs +0 -36
  96. package/prisma/skills/ck/commands/save.mjs +0 -210
  97. package/prisma/skills/ck/commands/shared.mjs +0 -387
  98. package/prisma/skills/ck/hooks/session-start.mjs +0 -224
  99. package/prisma/skills/claude-devfleet/SKILL.md +0 -112
  100. package/prisma/skills/click-path-audit/SKILL.md +0 -245
  101. package/prisma/skills/clickhouse-io/SKILL.md +0 -440
  102. package/prisma/skills/code-tour/SKILL.md +0 -254
  103. package/prisma/skills/codebase-onboarding/SKILL.md +0 -234
  104. package/prisma/skills/codehealth-mcp/SKILL.md +0 -167
  105. package/prisma/skills/coding-standards/SKILL.md +0 -551
  106. package/prisma/skills/competitive-platform-analysis/SKILL.md +0 -214
  107. package/prisma/skills/competitive-report-structure/SKILL.md +0 -162
  108. package/prisma/skills/compose-multiplatform-patterns/SKILL.md +0 -300
  109. package/prisma/skills/config-gc/SKILL.md +0 -120
  110. package/prisma/skills/configure-ecc/SKILL.md +0 -385
  111. package/prisma/skills/connections-optimizer/SKILL.md +0 -190
  112. package/prisma/skills/content-engine/SKILL.md +0 -132
  113. package/prisma/skills/content-hash-cache-pattern/SKILL.md +0 -162
  114. package/prisma/skills/context-budget/SKILL.md +0 -136
  115. package/prisma/skills/continuous-agent-loop/SKILL.md +0 -46
  116. package/prisma/skills/continuous-learning/SKILL.md +0 -132
  117. package/prisma/skills/continuous-learning/config.json +0 -18
  118. package/prisma/skills/continuous-learning/evaluate-session.sh +0 -69
  119. package/prisma/skills/continuous-learning-v2/SKILL.md +0 -361
  120. package/prisma/skills/continuous-learning-v2/agents/observer-loop.sh +0 -359
  121. package/prisma/skills/continuous-learning-v2/agents/observer.md +0 -189
  122. package/prisma/skills/continuous-learning-v2/agents/session-guardian.sh +0 -150
  123. package/prisma/skills/continuous-learning-v2/agents/start-observer.sh +0 -248
  124. package/prisma/skills/continuous-learning-v2/config.json +0 -8
  125. package/prisma/skills/continuous-learning-v2/hooks/observe.sh +0 -585
  126. package/prisma/skills/continuous-learning-v2/scripts/detect-project.sh +0 -322
  127. package/prisma/skills/continuous-learning-v2/scripts/instinct-cli.py +0 -1956
  128. package/prisma/skills/continuous-learning-v2/scripts/lib/homunculus-dir.sh +0 -31
  129. package/prisma/skills/continuous-learning-v2/scripts/migrate-homunculus.sh +0 -68
  130. package/prisma/skills/continuous-learning-v2/scripts/test_parse_instinct.py +0 -1421
  131. package/prisma/skills/cost-aware-llm-pipeline/SKILL.md +0 -184
  132. package/prisma/skills/cost-tracking/SKILL.md +0 -97
  133. package/prisma/skills/council/SKILL.md +0 -204
  134. package/prisma/skills/cpp-coding-standards/SKILL.md +0 -724
  135. package/prisma/skills/cpp-testing/SKILL.md +0 -325
  136. package/prisma/skills/crosspost/SKILL.md +0 -112
  137. package/prisma/skills/csharp-testing/SKILL.md +0 -322
  138. package/prisma/skills/customer-billing-ops/SKILL.md +0 -141
  139. package/prisma/skills/customs-trade-compliance/SKILL.md +0 -263
  140. package/prisma/skills/dart-flutter-patterns/SKILL.md +0 -564
  141. package/prisma/skills/dashboard-builder/SKILL.md +0 -109
  142. package/prisma/skills/data-scraper-agent/SKILL.md +0 -765
  143. package/prisma/skills/data-throughput-accelerator/SKILL.md +0 -73
  144. package/prisma/skills/database-migrations/SKILL.md +0 -430
  145. package/prisma/skills/deep-research/SKILL.md +0 -160
  146. package/prisma/skills/defi-amm-security/SKILL.md +0 -167
  147. package/prisma/skills/delivery-gate/SKILL.md +0 -126
  148. package/prisma/skills/delivery-gate/hooks/quality-gate.py +0 -220
  149. package/prisma/skills/deployment-patterns/SKILL.md +0 -428
  150. package/prisma/skills/design-system/SKILL.md +0 -83
  151. package/prisma/skills/django-celery/SKILL.md +0 -458
  152. package/prisma/skills/django-patterns/SKILL.md +0 -735
  153. package/prisma/skills/django-security/SKILL.md +0 -644
  154. package/prisma/skills/django-tdd/SKILL.md +0 -730
  155. package/prisma/skills/django-verification/SKILL.md +0 -470
  156. package/prisma/skills/dmux-workflows/SKILL.md +0 -192
  157. package/prisma/skills/docker-patterns/SKILL.md +0 -365
  158. package/prisma/skills/documentation-lookup/SKILL.md +0 -91
  159. package/prisma/skills/dotnet-patterns/SKILL.md +0 -322
  160. package/prisma/skills/dynamic-workflow-mode/SKILL.md +0 -124
  161. package/prisma/skills/e2e-testing/SKILL.md +0 -327
  162. package/prisma/skills/ecc-guide/SKILL.md +0 -190
  163. package/prisma/skills/ecc-recipes/SKILL.md +0 -149
  164. package/prisma/skills/ecc-tools-cost-audit/SKILL.md +0 -161
  165. package/prisma/skills/email-ops/SKILL.md +0 -122
  166. package/prisma/skills/energy-procurement/SKILL.md +0 -228
  167. package/prisma/skills/enterprise-agent-ops/SKILL.md +0 -51
  168. package/prisma/skills/error-handling/SKILL.md +0 -377
  169. package/prisma/skills/eval-harness/SKILL.md +0 -271
  170. package/prisma/skills/evm-token-decimals/SKILL.md +0 -131
  171. package/prisma/skills/exa-search/SKILL.md +0 -108
  172. package/prisma/skills/fal-ai-media/SKILL.md +0 -289
  173. package/prisma/skills/fastapi-patterns/SKILL.md +0 -514
  174. package/prisma/skills/finance-billing-ops/SKILL.md +0 -128
  175. package/prisma/skills/flox-environments/SKILL.md +0 -497
  176. package/prisma/skills/flutter-dart-code-review/SKILL.md +0 -436
  177. package/prisma/skills/foundation-models-on-device/SKILL.md +0 -243
  178. package/prisma/skills/frontend-a11y/SKILL.md +0 -446
  179. package/prisma/skills/frontend-design-direction/SKILL.md +0 -93
  180. package/prisma/skills/frontend-patterns/SKILL.md +0 -657
  181. package/prisma/skills/frontend-slides/SKILL.md +0 -185
  182. package/prisma/skills/frontend-slides/STYLE_PRESETS.md +0 -330
  183. package/prisma/skills/frontend-slides/animation-patterns.md +0 -122
  184. package/prisma/skills/frontend-slides/html-template.md +0 -419
  185. package/prisma/skills/frontend-slides/scripts/export-pdf.sh +0 -418
  186. package/prisma/skills/frontend-slides/scripts/extract-pptx.py +0 -96
  187. package/prisma/skills/frontend-slides/viewport-base.css +0 -153
  188. package/prisma/skills/fsharp-testing/SKILL.md +0 -281
  189. package/prisma/skills/gan-style-harness/SKILL.md +0 -279
  190. package/prisma/skills/gateguard/SKILL.md +0 -133
  191. package/prisma/skills/generating-python-installer/SKILL.md +0 -820
  192. package/prisma/skills/git-workflow/SKILL.md +0 -716
  193. package/prisma/skills/github-ops/SKILL.md +0 -145
  194. package/prisma/skills/golang-patterns/SKILL.md +0 -675
  195. package/prisma/skills/golang-testing/SKILL.md +0 -721
  196. package/prisma/skills/google-workspace-ops/SKILL.md +0 -96
  197. package/prisma/skills/growth-log/SKILL.md +0 -128
  198. package/prisma/skills/healthcare-cdss-patterns/SKILL.md +0 -246
  199. package/prisma/skills/healthcare-emr-patterns/SKILL.md +0 -160
  200. package/prisma/skills/healthcare-eval-harness/SKILL.md +0 -208
  201. package/prisma/skills/healthcare-phi-compliance/SKILL.md +0 -146
  202. package/prisma/skills/hermes-imports/SKILL.md +0 -89
  203. package/prisma/skills/hexagonal-architecture/SKILL.md +0 -277
  204. package/prisma/skills/hipaa-compliance/SKILL.md +0 -79
  205. package/prisma/skills/homelab-network-readiness/SKILL.md +0 -170
  206. package/prisma/skills/homelab-network-setup/SKILL.md +0 -130
  207. package/prisma/skills/homelab-pihole-dns/SKILL.md +0 -275
  208. package/prisma/skills/homelab-vlan-segmentation/SKILL.md +0 -312
  209. package/prisma/skills/homelab-wireguard-vpn/SKILL.md +0 -306
  210. package/prisma/skills/hookify-rules/SKILL.md +0 -128
  211. package/prisma/skills/inherit-legacy-style/SKILL.md +0 -157
  212. package/prisma/skills/intent-driven-development/SKILL.md +0 -360
  213. package/prisma/skills/inventory-demand-planning/SKILL.md +0 -247
  214. package/prisma/skills/investor-materials/SKILL.md +0 -97
  215. package/prisma/skills/investor-outreach/SKILL.md +0 -92
  216. package/prisma/skills/ios-icon-gen/SKILL.md +0 -158
  217. package/prisma/skills/ios-icon-gen/scripts/generate_icons.swift +0 -258
  218. package/prisma/skills/ios-icon-gen/scripts/iconify_gen.sh +0 -235
  219. package/prisma/skills/iterative-retrieval/SKILL.md +0 -212
  220. package/prisma/skills/ito-basket-compare/SKILL.md +0 -64
  221. package/prisma/skills/ito-data-atlas-agent/SKILL.md +0 -64
  222. package/prisma/skills/ito-market-intelligence/SKILL.md +0 -61
  223. package/prisma/skills/ito-trade-planner/SKILL.md +0 -68
  224. package/prisma/skills/java-coding-standards/SKILL.md +0 -384
  225. package/prisma/skills/jira-integration/SKILL.md +0 -303
  226. package/prisma/skills/jpa-patterns/SKILL.md +0 -152
  227. package/prisma/skills/knowledge-ops/SKILL.md +0 -155
  228. package/prisma/skills/kotlin-coroutines-flows/SKILL.md +0 -285
  229. package/prisma/skills/kotlin-exposed-patterns/SKILL.md +0 -720
  230. package/prisma/skills/kotlin-ktor-patterns/SKILL.md +0 -690
  231. package/prisma/skills/kotlin-patterns/SKILL.md +0 -712
  232. package/prisma/skills/kotlin-testing/SKILL.md +0 -825
  233. package/prisma/skills/kubernetes-patterns/SKILL.md +0 -756
  234. package/prisma/skills/laravel-patterns/SKILL.md +0 -416
  235. package/prisma/skills/laravel-plugin-discovery/SKILL.md +0 -230
  236. package/prisma/skills/laravel-security/SKILL.md +0 -948
  237. package/prisma/skills/laravel-tdd/SKILL.md +0 -675
  238. package/prisma/skills/laravel-verification/SKILL.md +0 -180
  239. package/prisma/skills/latency-critical-systems/SKILL.md +0 -74
  240. package/prisma/skills/lead-intelligence/SKILL.md +0 -322
  241. package/prisma/skills/lead-intelligence/agents/enrichment-agent.md +0 -85
  242. package/prisma/skills/lead-intelligence/agents/mutual-mapper.md +0 -75
  243. package/prisma/skills/lead-intelligence/agents/outreach-drafter.md +0 -98
  244. package/prisma/skills/lead-intelligence/agents/signal-scorer.md +0 -60
  245. package/prisma/skills/liquid-glass-design/SKILL.md +0 -279
  246. package/prisma/skills/llm-trading-agent-security/SKILL.md +0 -147
  247. package/prisma/skills/logistics-exception-management/SKILL.md +0 -222
  248. package/prisma/skills/loop-design-check/SKILL.md +0 -143
  249. package/prisma/skills/mailtrap-email-integration/SKILL.md +0 -77
  250. package/prisma/skills/make-interfaces-feel-better/SKILL.md +0 -152
  251. package/prisma/skills/manim-video/SKILL.md +0 -90
  252. package/prisma/skills/manim-video/assets/network_graph_scene.py +0 -52
  253. package/prisma/skills/market-research/SKILL.md +0 -76
  254. package/prisma/skills/marketing-campaign/SKILL.md +0 -114
  255. package/prisma/skills/mcp-server-patterns/SKILL.md +0 -70
  256. package/prisma/skills/messages-ops/SKILL.md +0 -105
  257. package/prisma/skills/ml-adoption-playbook/SKILL.md +0 -57
  258. package/prisma/skills/mle-workflow/SKILL.md +0 -347
  259. package/prisma/skills/motion-advanced/SKILL.md +0 -596
  260. package/prisma/skills/motion-foundations/SKILL.md +0 -299
  261. package/prisma/skills/motion-patterns/SKILL.md +0 -434
  262. package/prisma/skills/motion-ui/SKILL.md +0 -576
  263. package/prisma/skills/mysql-patterns/SKILL.md +0 -413
  264. package/prisma/skills/nanoclaw-repl/SKILL.md +0 -34
  265. package/prisma/skills/nestjs-patterns/SKILL.md +0 -231
  266. package/prisma/skills/netmiko-ssh-automation/SKILL.md +0 -174
  267. package/prisma/skills/network-bgp-diagnostics/SKILL.md +0 -168
  268. package/prisma/skills/network-config-validation/SKILL.md +0 -211
  269. package/prisma/skills/network-interface-health/SKILL.md +0 -153
  270. package/prisma/skills/nextjs-turbopack/SKILL.md +0 -58
  271. package/prisma/skills/nodejs-keccak256/SKILL.md +0 -103
  272. package/prisma/skills/nutrient-document-processing/SKILL.md +0 -168
  273. package/prisma/skills/nuxt4-patterns/SKILL.md +0 -101
  274. package/prisma/skills/openclaw-persona-forge/SKILL.md +0 -289
  275. package/prisma/skills/openclaw-persona-forge/gacha.py +0 -224
  276. package/prisma/skills/openclaw-persona-forge/gacha.sh +0 -5
  277. package/prisma/skills/openclaw-persona-forge/references/avatar-style.md +0 -124
  278. package/prisma/skills/openclaw-persona-forge/references/boundary-rules.md +0 -53
  279. package/prisma/skills/openclaw-persona-forge/references/error-handling.md +0 -53
  280. package/prisma/skills/openclaw-persona-forge/references/identity-tension.md +0 -48
  281. package/prisma/skills/openclaw-persona-forge/references/naming-system.md +0 -39
  282. package/prisma/skills/openclaw-persona-forge/references/output-template.md +0 -166
  283. package/prisma/skills/opensource-pipeline/SKILL.md +0 -256
  284. package/prisma/skills/orch-add-feature/SKILL.md +0 -45
  285. package/prisma/skills/orch-build-mvp/SKILL.md +0 -49
  286. package/prisma/skills/orch-change-feature/SKILL.md +0 -43
  287. package/prisma/skills/orch-fix-defect/SKILL.md +0 -43
  288. package/prisma/skills/orch-pipeline/SKILL.md +0 -121
  289. package/prisma/skills/orch-refine-code/SKILL.md +0 -44
  290. package/prisma/skills/parallel-execution-optimizer/SKILL.md +0 -73
  291. package/prisma/skills/perl-patterns/SKILL.md +0 -505
  292. package/prisma/skills/perl-security/SKILL.md +0 -504
  293. package/prisma/skills/perl-testing/SKILL.md +0 -476
  294. package/prisma/skills/plan-orchestrate/SKILL.md +0 -263
  295. package/prisma/skills/plankton-code-quality/SKILL.md +0 -237
  296. package/prisma/skills/postgres-patterns/SKILL.md +0 -148
  297. package/prisma/skills/prediction-market-oracle-research/SKILL.md +0 -64
  298. package/prisma/skills/prediction-market-risk-review/SKILL.md +0 -61
  299. package/prisma/skills/prisma-patterns/SKILL.md +0 -401
  300. package/prisma/skills/product-capability/SKILL.md +0 -142
  301. package/prisma/skills/product-lens/SKILL.md +0 -93
  302. package/prisma/skills/production-audit/SKILL.md +0 -207
  303. package/prisma/skills/production-scheduling/SKILL.md +0 -238
  304. package/prisma/skills/project-flow-ops/SKILL.md +0 -112
  305. package/prisma/skills/prompt-optimizer/SKILL.md +0 -398
  306. package/prisma/skills/python-patterns/SKILL.md +0 -751
  307. package/prisma/skills/python-testing/SKILL.md +0 -817
  308. package/prisma/skills/pytorch-patterns/SKILL.md +0 -397
  309. package/prisma/skills/quality-nonconformance/SKILL.md +0 -260
  310. package/prisma/skills/quarkus-patterns/SKILL.md +0 -723
  311. package/prisma/skills/quarkus-security/SKILL.md +0 -468
  312. package/prisma/skills/quarkus-tdd/SKILL.md +0 -812
  313. package/prisma/skills/quarkus-verification/SKILL.md +0 -480
  314. package/prisma/skills/ralphinho-rfc-pipeline/SKILL.md +0 -68
  315. package/prisma/skills/react-native-patterns/SKILL.md +0 -326
  316. package/prisma/skills/react-patterns/SKILL.md +0 -342
  317. package/prisma/skills/react-performance/SKILL.md +0 -575
  318. package/prisma/skills/react-testing/SKILL.md +0 -424
  319. package/prisma/skills/recsys-pipeline-architect/SKILL.md +0 -115
  320. package/prisma/skills/recursive-decision-ledger/SKILL.md +0 -80
  321. package/prisma/skills/redis-patterns/SKILL.md +0 -404
  322. package/prisma/skills/regex-vs-llm-structured-text/SKILL.md +0 -221
  323. package/prisma/skills/remotion-video-creation/SKILL.md +0 -43
  324. package/prisma/skills/remotion-video-creation/rules/3d.md +0 -86
  325. package/prisma/skills/remotion-video-creation/rules/animations.md +0 -29
  326. package/prisma/skills/remotion-video-creation/rules/assets/charts-bar-chart.tsx +0 -173
  327. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-typewriter.tsx +0 -100
  328. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-word-highlight.tsx +0 -108
  329. package/prisma/skills/remotion-video-creation/rules/assets.md +0 -78
  330. package/prisma/skills/remotion-video-creation/rules/audio.md +0 -172
  331. package/prisma/skills/remotion-video-creation/rules/calculate-metadata.md +0 -104
  332. package/prisma/skills/remotion-video-creation/rules/can-decode.md +0 -75
  333. package/prisma/skills/remotion-video-creation/rules/charts.md +0 -58
  334. package/prisma/skills/remotion-video-creation/rules/compositions.md +0 -146
  335. package/prisma/skills/remotion-video-creation/rules/display-captions.md +0 -126
  336. package/prisma/skills/remotion-video-creation/rules/extract-frames.md +0 -229
  337. package/prisma/skills/remotion-video-creation/rules/fonts.md +0 -152
  338. package/prisma/skills/remotion-video-creation/rules/get-audio-duration.md +0 -58
  339. package/prisma/skills/remotion-video-creation/rules/get-video-dimensions.md +0 -68
  340. package/prisma/skills/remotion-video-creation/rules/get-video-duration.md +0 -58
  341. package/prisma/skills/remotion-video-creation/rules/gifs.md +0 -138
  342. package/prisma/skills/remotion-video-creation/rules/images.md +0 -130
  343. package/prisma/skills/remotion-video-creation/rules/import-srt-captions.md +0 -67
  344. package/prisma/skills/remotion-video-creation/rules/lottie.md +0 -67
  345. package/prisma/skills/remotion-video-creation/rules/measuring-dom-nodes.md +0 -34
  346. package/prisma/skills/remotion-video-creation/rules/measuring-text.md +0 -143
  347. package/prisma/skills/remotion-video-creation/rules/sequencing.md +0 -106
  348. package/prisma/skills/remotion-video-creation/rules/tailwind.md +0 -11
  349. package/prisma/skills/remotion-video-creation/rules/text-animations.md +0 -20
  350. package/prisma/skills/remotion-video-creation/rules/timing.md +0 -179
  351. package/prisma/skills/remotion-video-creation/rules/transcribe-captions.md +0 -19
  352. package/prisma/skills/remotion-video-creation/rules/transitions.md +0 -122
  353. package/prisma/skills/remotion-video-creation/rules/trimming.md +0 -52
  354. package/prisma/skills/remotion-video-creation/rules/videos.md +0 -171
  355. package/prisma/skills/repo-scan/SKILL.md +0 -79
  356. package/prisma/skills/research-ops/SKILL.md +0 -113
  357. package/prisma/skills/returns-reverse-logistics/SKILL.md +0 -240
  358. package/prisma/skills/rules-distill/SKILL.md +0 -265
  359. package/prisma/skills/rules-distill/scripts/scan-rules.sh +0 -58
  360. package/prisma/skills/rules-distill/scripts/scan-skills.sh +0 -129
  361. package/prisma/skills/rust-patterns/SKILL.md +0 -500
  362. package/prisma/skills/rust-testing/SKILL.md +0 -501
  363. package/prisma/skills/safety-guard/SKILL.md +0 -76
  364. package/prisma/skills/santa-method/SKILL.md +0 -307
  365. package/prisma/skills/scientific-db-pubmed-database/SKILL.md +0 -176
  366. package/prisma/skills/scientific-db-uspto-database/SKILL.md +0 -178
  367. package/prisma/skills/scientific-pkg-gget/SKILL.md +0 -167
  368. package/prisma/skills/scientific-thinking-literature-review/SKILL.md +0 -193
  369. package/prisma/skills/scientific-thinking-scholar-evaluation/SKILL.md +0 -161
  370. package/prisma/skills/search-first/SKILL.md +0 -183
  371. package/prisma/skills/security-bounty-hunter/SKILL.md +0 -100
  372. package/prisma/skills/security-review/SKILL.md +0 -504
  373. package/prisma/skills/security-review/cloud-infrastructure-security.md +0 -361
  374. package/prisma/skills/security-scan/SKILL.md +0 -166
  375. package/prisma/skills/seo/SKILL.md +0 -155
  376. package/prisma/skills/skill-comply/SKILL.md +0 -59
  377. package/prisma/skills/skill-comply/fixtures/compliant_trace.jsonl +0 -5
  378. package/prisma/skills/skill-comply/fixtures/noncompliant_trace.jsonl +0 -3
  379. package/prisma/skills/skill-comply/fixtures/tdd_spec.yaml +0 -44
  380. package/prisma/skills/skill-comply/prompts/classifier.md +0 -24
  381. package/prisma/skills/skill-comply/prompts/scenario_generator.md +0 -62
  382. package/prisma/skills/skill-comply/prompts/spec_generator.md +0 -42
  383. package/prisma/skills/skill-comply/pyproject.toml +0 -15
  384. package/prisma/skills/skill-comply/scripts/__init__.py +0 -0
  385. package/prisma/skills/skill-comply/scripts/classifier.py +0 -85
  386. package/prisma/skills/skill-comply/scripts/grader.py +0 -124
  387. package/prisma/skills/skill-comply/scripts/parser.py +0 -107
  388. package/prisma/skills/skill-comply/scripts/report.py +0 -170
  389. package/prisma/skills/skill-comply/scripts/run.py +0 -127
  390. package/prisma/skills/skill-comply/scripts/runner.py +0 -194
  391. package/prisma/skills/skill-comply/scripts/scenario_generator.py +0 -70
  392. package/prisma/skills/skill-comply/scripts/spec_generator.py +0 -72
  393. package/prisma/skills/skill-comply/scripts/utils.py +0 -13
  394. package/prisma/skills/skill-comply/tests/test_grader.py +0 -197
  395. package/prisma/skills/skill-comply/tests/test_parser.py +0 -90
  396. package/prisma/skills/skill-comply/tests/test_runner.py +0 -172
  397. package/prisma/skills/skill-scout/SKILL.md +0 -141
  398. package/prisma/skills/skill-stocktake/SKILL.md +0 -195
  399. package/prisma/skills/skill-stocktake/scripts/quick-diff.sh +0 -87
  400. package/prisma/skills/skill-stocktake/scripts/save-results.sh +0 -56
  401. package/prisma/skills/skill-stocktake/scripts/scan.sh +0 -170
  402. package/prisma/skills/social-graph-ranker/SKILL.md +0 -155
  403. package/prisma/skills/social-publisher/SKILL.md +0 -130
  404. package/prisma/skills/springboot-patterns/SKILL.md +0 -315
  405. package/prisma/skills/springboot-security/SKILL.md +0 -273
  406. package/prisma/skills/springboot-tdd/SKILL.md +0 -159
  407. package/prisma/skills/springboot-verification/SKILL.md +0 -232
  408. package/prisma/skills/strategic-compact/SKILL.md +0 -136
  409. package/prisma/skills/swift-actor-persistence/SKILL.md +0 -144
  410. package/prisma/skills/swift-concurrency-6-2/SKILL.md +0 -216
  411. package/prisma/skills/swift-protocol-di-testing/SKILL.md +0 -191
  412. package/prisma/skills/swiftui-patterns/SKILL.md +0 -259
  413. package/prisma/skills/taste/SKILL.md +0 -264
  414. package/prisma/skills/taste/references/genre-taxonomy.md +0 -87
  415. package/prisma/skills/tdd-workflow/SKILL.md +0 -583
  416. package/prisma/skills/team-agent-orchestration/SKILL.md +0 -111
  417. package/prisma/skills/team-builder/SKILL.md +0 -169
  418. package/prisma/skills/terminal-ops/SKILL.md +0 -110
  419. package/prisma/skills/tinystruct-patterns/SKILL.md +0 -279
  420. package/prisma/skills/tinystruct-patterns/references/architecture.md +0 -90
  421. package/prisma/skills/tinystruct-patterns/references/data-handling.md +0 -60
  422. package/prisma/skills/tinystruct-patterns/references/database.md +0 -99
  423. package/prisma/skills/tinystruct-patterns/references/routing.md +0 -64
  424. package/prisma/skills/tinystruct-patterns/references/system-usage.md +0 -97
  425. package/prisma/skills/tinystruct-patterns/references/testing.md +0 -72
  426. package/prisma/skills/token-budget-advisor/SKILL.md +0 -134
  427. package/prisma/skills/ui-demo/SKILL.md +0 -466
  428. package/prisma/skills/ui-to-vue/SKILL.md +0 -135
  429. package/prisma/skills/uncloud/SKILL.md +0 -344
  430. package/prisma/skills/unified-notifications-ops/SKILL.md +0 -188
  431. package/prisma/skills/verification-loop/SKILL.md +0 -127
  432. package/prisma/skills/video-editing/SKILL.md +0 -311
  433. package/prisma/skills/videodb/SKILL.md +0 -375
  434. package/prisma/skills/videodb/reference/api-reference.md +0 -550
  435. package/prisma/skills/videodb/reference/capture-reference.md +0 -407
  436. package/prisma/skills/videodb/reference/capture.md +0 -101
  437. package/prisma/skills/videodb/reference/editor.md +0 -443
  438. package/prisma/skills/videodb/reference/generative.md +0 -331
  439. package/prisma/skills/videodb/reference/rtstream-reference.md +0 -564
  440. package/prisma/skills/videodb/reference/rtstream.md +0 -65
  441. package/prisma/skills/videodb/reference/search.md +0 -230
  442. package/prisma/skills/videodb/reference/streaming.md +0 -406
  443. package/prisma/skills/videodb/reference/use-cases.md +0 -118
  444. package/prisma/skills/videodb/scripts/ws_listener.py +0 -282
  445. package/prisma/skills/visa-doc-translate/README.md +0 -86
  446. package/prisma/skills/visa-doc-translate/SKILL.md +0 -117
  447. package/prisma/skills/vite-patterns/SKILL.md +0 -450
  448. package/prisma/skills/vue-patterns/SKILL.md +0 -471
  449. package/prisma/skills/windows-desktop-e2e/SKILL.md +0 -888
  450. package/prisma/skills/workspace-surface-audit/SKILL.md +0 -126
  451. package/prisma/skills/x-api/SKILL.md +0 -235
@@ -1,361 +0,0 @@
1
- | name | description |
2
- |------|-------------|
3
- | cloud-infrastructure-security | Use this skill when deploying to cloud platforms, configuring infrastructure, managing IAM policies, setting up logging/monitoring, or implementing CI/CD pipelines. Provides cloud security checklist aligned with best practices. |
4
-
5
- # Cloud & Infrastructure Security Skill
6
-
7
- This skill ensures cloud infrastructure, CI/CD pipelines, and deployment configurations follow security best practices and comply with industry standards.
8
-
9
- ## When to Activate
10
-
11
- - Deploying applications to cloud platforms (AWS, Vercel, Railway, Cloudflare)
12
- - Configuring IAM roles and permissions
13
- - Setting up CI/CD pipelines
14
- - Implementing infrastructure as code (Terraform, CloudFormation)
15
- - Configuring logging and monitoring
16
- - Managing secrets in cloud environments
17
- - Setting up CDN and edge security
18
- - Implementing disaster recovery and backup strategies
19
-
20
- ## Cloud Security Checklist
21
-
22
- ### 1. IAM & Access Control
23
-
24
- #### Principle of Least Privilege
25
-
26
- ```yaml
27
- # PASS: CORRECT: Minimal permissions
28
- iam_role:
29
- permissions:
30
- - s3:GetObject # Only read access
31
- - s3:ListBucket
32
- resources:
33
- - arn:aws:s3:::my-bucket/* # Specific bucket only
34
-
35
- # FAIL: WRONG: Overly broad permissions
36
- iam_role:
37
- permissions:
38
- - s3:* # All S3 actions
39
- resources:
40
- - "*" # All resources
41
- ```
42
-
43
- #### Multi-Factor Authentication (MFA)
44
-
45
- ```bash
46
- # ALWAYS enable MFA for root/admin accounts
47
- aws iam enable-mfa-device \
48
- --user-name admin \
49
- --serial-number arn:aws:iam::123456789:mfa/admin \
50
- --authentication-code1 123456 \
51
- --authentication-code2 789012
52
- ```
53
-
54
- #### Verification Steps
55
-
56
- - [ ] No root account usage in production
57
- - [ ] MFA enabled for all privileged accounts
58
- - [ ] Service accounts use roles, not long-lived credentials
59
- - [ ] IAM policies follow least privilege
60
- - [ ] Regular access reviews conducted
61
- - [ ] Unused credentials rotated or removed
62
-
63
- ### 2. Secrets Management
64
-
65
- #### Cloud Secrets Managers
66
-
67
- ```typescript
68
- // PASS: CORRECT: Use cloud secrets manager
69
- import { SecretsManager } from '@aws-sdk/client-secrets-manager';
70
-
71
- const client = new SecretsManager({ region: 'us-east-1' });
72
- const secret = await client.getSecretValue({ SecretId: 'prod/api-key' });
73
- const apiKey = JSON.parse(secret.SecretString).key;
74
-
75
- // FAIL: WRONG: Hardcoded or in environment variables only
76
- const apiKey = process.env.API_KEY; // Not rotated, not audited
77
- ```
78
-
79
- #### Secrets Rotation
80
-
81
- ```bash
82
- # Set up automatic rotation for database credentials
83
- aws secretsmanager rotate-secret \
84
- --secret-id prod/db-password \
85
- --rotation-lambda-arn arn:aws:lambda:region:account:function:rotate \
86
- --rotation-rules AutomaticallyAfterDays=30
87
- ```
88
-
89
- #### Verification Steps
90
-
91
- - [ ] All secrets stored in cloud secrets manager (AWS Secrets Manager, Vercel Secrets)
92
- - [ ] Automatic rotation enabled for database credentials
93
- - [ ] API keys rotated at least quarterly
94
- - [ ] No secrets in code, logs, or error messages
95
- - [ ] Audit logging enabled for secret access
96
-
97
- ### 3. Network Security
98
-
99
- #### VPC and Firewall Configuration
100
-
101
- ```terraform
102
- # PASS: CORRECT: Restricted security group
103
- resource "aws_security_group" "app" {
104
- name = "app-sg"
105
-
106
- ingress {
107
- from_port = 443
108
- to_port = 443
109
- protocol = "tcp"
110
- cidr_blocks = ["10.0.0.0/16"] # Internal VPC only
111
- }
112
-
113
- egress {
114
- from_port = 443
115
- to_port = 443
116
- protocol = "tcp"
117
- cidr_blocks = ["0.0.0.0/0"] # Only HTTPS outbound
118
- }
119
- }
120
-
121
- # FAIL: WRONG: Open to the internet
122
- resource "aws_security_group" "bad" {
123
- ingress {
124
- from_port = 0
125
- to_port = 65535
126
- protocol = "tcp"
127
- cidr_blocks = ["0.0.0.0/0"] # All ports, all IPs!
128
- }
129
- }
130
- ```
131
-
132
- #### Verification Steps
133
-
134
- - [ ] Database not publicly accessible
135
- - [ ] SSH/RDP ports restricted to VPN/bastion only
136
- - [ ] Security groups follow least privilege
137
- - [ ] Network ACLs configured
138
- - [ ] VPC flow logs enabled
139
-
140
- ### 4. Logging & Monitoring
141
-
142
- #### CloudWatch/Logging Configuration
143
-
144
- ```typescript
145
- // PASS: CORRECT: Comprehensive logging
146
- import { CloudWatchLogsClient, CreateLogStreamCommand } from '@aws-sdk/client-cloudwatch-logs';
147
-
148
- const logSecurityEvent = async (event: SecurityEvent) => {
149
- await cloudwatch.putLogEvents({
150
- logGroupName: '/aws/security/events',
151
- logStreamName: 'authentication',
152
- logEvents: [{
153
- timestamp: Date.now(),
154
- message: JSON.stringify({
155
- type: event.type,
156
- userId: event.userId,
157
- ip: event.ip,
158
- result: event.result,
159
- // Never log sensitive data
160
- })
161
- }]
162
- });
163
- };
164
- ```
165
-
166
- #### Verification Steps
167
-
168
- - [ ] CloudWatch/logging enabled for all services
169
- - [ ] Failed authentication attempts logged
170
- - [ ] Admin actions audited
171
- - [ ] Log retention configured (90+ days for compliance)
172
- - [ ] Alerts configured for suspicious activity
173
- - [ ] Logs centralized and tamper-proof
174
-
175
- ### 5. CI/CD Pipeline Security
176
-
177
- #### Secure Pipeline Configuration
178
-
179
- ```yaml
180
- # PASS: CORRECT: Secure GitHub Actions workflow
181
- name: Deploy
182
-
183
- on:
184
- push:
185
- branches: [main]
186
-
187
- jobs:
188
- deploy:
189
- runs-on: ubuntu-latest
190
- permissions:
191
- contents: read # Minimal permissions
192
-
193
- steps:
194
- - uses: actions/checkout@v4
195
-
196
- # Scan for secrets
197
- - name: Secret scanning
198
- uses: trufflesecurity/trufflehog@main
199
-
200
- # Dependency audit
201
- - name: Audit dependencies
202
- run: npm audit --audit-level=high
203
-
204
- # Use OIDC, not long-lived tokens
205
- - name: Configure AWS credentials
206
- uses: aws-actions/configure-aws-credentials@v4
207
- with:
208
- role-to-assume: arn:aws:iam::123456789:role/GitHubActionsRole
209
- aws-region: us-east-1
210
- ```
211
-
212
- #### Supply Chain Security
213
-
214
- ```json
215
- // package.json - Use lock files and integrity checks
216
- {
217
- "scripts": {
218
- "install": "npm ci", // Use ci for reproducible builds
219
- "audit": "npm audit --audit-level=moderate",
220
- "check": "npm outdated"
221
- }
222
- }
223
- ```
224
-
225
- #### Verification Steps
226
-
227
- - [ ] OIDC used instead of long-lived credentials
228
- - [ ] Secrets scanning in pipeline
229
- - [ ] Dependency vulnerability scanning
230
- - [ ] Container image scanning (if applicable)
231
- - [ ] Branch protection rules enforced
232
- - [ ] Code review required before merge
233
- - [ ] Signed commits enforced
234
-
235
- ### 6. Cloudflare & CDN Security
236
-
237
- #### Cloudflare Security Configuration
238
-
239
- ```typescript
240
- // PASS: CORRECT: Cloudflare Workers with security headers
241
- export default {
242
- async fetch(request: Request): Promise<Response> {
243
- const response = await fetch(request);
244
-
245
- // Add security headers
246
- const headers = new Headers(response.headers);
247
- headers.set('X-Frame-Options', 'DENY');
248
- headers.set('X-Content-Type-Options', 'nosniff');
249
- headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
250
- headers.set('Permissions-Policy', 'geolocation=(), microphone=()');
251
-
252
- return new Response(response.body, {
253
- status: response.status,
254
- headers
255
- });
256
- }
257
- };
258
- ```
259
-
260
- #### WAF Rules
261
-
262
- ```bash
263
- # Enable Cloudflare WAF managed rules
264
- # - OWASP Core Ruleset
265
- # - Cloudflare Managed Ruleset
266
- # - Rate limiting rules
267
- # - Bot protection
268
- ```
269
-
270
- #### Verification Steps
271
-
272
- - [ ] WAF enabled with OWASP rules
273
- - [ ] Rate limiting configured
274
- - [ ] Bot protection active
275
- - [ ] DDoS protection enabled
276
- - [ ] Security headers configured
277
- - [ ] SSL/TLS strict mode enabled
278
-
279
- ### 7. Backup & Disaster Recovery
280
-
281
- #### Automated Backups
282
-
283
- ```terraform
284
- # PASS: CORRECT: Automated RDS backups
285
- resource "aws_db_instance" "main" {
286
- allocated_storage = 20
287
- engine = "postgres"
288
-
289
- backup_retention_period = 30 # 30 days retention
290
- backup_window = "03:00-04:00"
291
- maintenance_window = "mon:04:00-mon:05:00"
292
-
293
- enabled_cloudwatch_logs_exports = ["postgresql"]
294
-
295
- deletion_protection = true # Prevent accidental deletion
296
- }
297
- ```
298
-
299
- #### Verification Steps
300
-
301
- - [ ] Automated daily backups configured
302
- - [ ] Backup retention meets compliance requirements
303
- - [ ] Point-in-time recovery enabled
304
- - [ ] Backup testing performed quarterly
305
- - [ ] Disaster recovery plan documented
306
- - [ ] RPO and RTO defined and tested
307
-
308
- ## Pre-Deployment Cloud Security Checklist
309
-
310
- Before ANY production cloud deployment:
311
-
312
- - [ ] **IAM**: Root account not used, MFA enabled, least privilege policies
313
- - [ ] **Secrets**: All secrets in cloud secrets manager with rotation
314
- - [ ] **Network**: Security groups restricted, no public databases
315
- - [ ] **Logging**: CloudWatch/logging enabled with retention
316
- - [ ] **Monitoring**: Alerts configured for anomalies
317
- - [ ] **CI/CD**: OIDC auth, secrets scanning, dependency audits
318
- - [ ] **CDN/WAF**: Cloudflare WAF enabled with OWASP rules
319
- - [ ] **Encryption**: Data encrypted at rest and in transit
320
- - [ ] **Backups**: Automated backups with tested recovery
321
- - [ ] **Compliance**: GDPR/HIPAA requirements met (if applicable)
322
- - [ ] **Documentation**: Infrastructure documented, runbooks created
323
- - [ ] **Incident Response**: Security incident plan in place
324
-
325
- ## Common Cloud Security Misconfigurations
326
-
327
- ### S3 Bucket Exposure
328
-
329
- ```bash
330
- # FAIL: WRONG: Public bucket
331
- aws s3api put-bucket-acl --bucket my-bucket --acl public-read
332
-
333
- # PASS: CORRECT: Private bucket with specific access
334
- aws s3api put-bucket-acl --bucket my-bucket --acl private
335
- aws s3api put-bucket-policy --bucket my-bucket --policy file://policy.json
336
- ```
337
-
338
- ### RDS Public Access
339
-
340
- ```terraform
341
- # FAIL: WRONG
342
- resource "aws_db_instance" "bad" {
343
- publicly_accessible = true # NEVER do this!
344
- }
345
-
346
- # PASS: CORRECT
347
- resource "aws_db_instance" "good" {
348
- publicly_accessible = false
349
- vpc_security_group_ids = [aws_security_group.db.id]
350
- }
351
- ```
352
-
353
- ## Resources
354
-
355
- - [AWS Security Best Practices](https://aws.amazon.com/security/best-practices/)
356
- - [CIS AWS Foundations Benchmark](https://www.cisecurity.org/benchmark/amazon_web_services)
357
- - [Cloudflare Security Documentation](https://developers.cloudflare.com/security/)
358
- - [OWASP Cloud Security](https://owasp.org/www-project-cloud-security/)
359
- - [Terraform Security Best Practices](https://www.terraform.io/docs/cloud/guides/recommended-practices/)
360
-
361
- **Remember**: Cloud misconfigurations are the leading cause of data breaches. A single exposed S3 bucket or overly permissive IAM policy can compromise your entire infrastructure. Always follow the principle of least privilege and defense in depth.
@@ -1,166 +0,0 @@
1
- ---
2
- name: security-scan
3
- description: Scan your Claude Code configuration (.claude/ directory) for security vulnerabilities, misconfigurations, and injection risks using AgentShield. Checks CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions.
4
- metadata:
5
- origin: ECC
6
- ---
7
-
8
- # Security Scan Skill
9
-
10
- Audit your Claude Code configuration for security issues using [AgentShield](https://github.com/affaan-m/agentshield).
11
-
12
- ## When to Activate
13
-
14
- - Setting up a new Claude Code project
15
- - After modifying `.claude/settings.json`, `CLAUDE.md`, or MCP configs
16
- - Before committing configuration changes
17
- - When onboarding to a new repository with existing Claude Code configs
18
- - Periodic security hygiene checks
19
-
20
- ## What It Scans
21
-
22
- | File | Checks |
23
- |------|--------|
24
- | `CLAUDE.md` | Hardcoded secrets, auto-run instructions, prompt injection patterns |
25
- | `settings.json` | Overly permissive allow lists, missing deny lists, dangerous bypass flags |
26
- | `mcp.json` | Risky MCP servers, hardcoded env secrets, npx supply chain risks |
27
- | `hooks/` | Command injection via interpolation, data exfiltration, silent error suppression |
28
- | `agents/*.md` | Unrestricted tool access, prompt injection surface, missing model specs |
29
-
30
- ## Prerequisites
31
-
32
- AgentShield must be installed. Check and install if needed:
33
-
34
- ```bash
35
- # Check if installed
36
- npx ecc-agentshield --version
37
-
38
- # Install globally (recommended)
39
- npm install -g ecc-agentshield
40
-
41
- # Or run directly via npx (no install needed)
42
- npx ecc-agentshield scan .
43
- ```
44
-
45
- ## Usage
46
-
47
- ### Basic Scan
48
-
49
- Run against the current project's `.claude/` directory:
50
-
51
- ```bash
52
- # Scan current project
53
- npx ecc-agentshield scan
54
-
55
- # Scan a specific path
56
- npx ecc-agentshield scan --path /path/to/.claude
57
-
58
- # Scan with minimum severity filter
59
- npx ecc-agentshield scan --min-severity medium
60
- ```
61
-
62
- ### Output Formats
63
-
64
- ```bash
65
- # Terminal output (default) — colored report with grade
66
- npx ecc-agentshield scan
67
-
68
- # JSON — for CI/CD integration
69
- npx ecc-agentshield scan --format json
70
-
71
- # Markdown — for documentation
72
- npx ecc-agentshield scan --format markdown
73
-
74
- # HTML — self-contained dark-theme report
75
- npx ecc-agentshield scan --format html > security-report.html
76
- ```
77
-
78
- ### Auto-Fix
79
-
80
- Apply safe fixes automatically (only fixes marked as auto-fixable):
81
-
82
- ```bash
83
- npx ecc-agentshield scan --fix
84
- ```
85
-
86
- This will:
87
- - Replace hardcoded secrets with environment variable references
88
- - Tighten wildcard permissions to scoped alternatives
89
- - Never modify manual-only suggestions
90
-
91
- ### Opus 4.6 Deep Analysis
92
-
93
- Run the adversarial three-agent pipeline for deeper analysis:
94
-
95
- ```bash
96
- # Requires ANTHROPIC_API_KEY
97
- export ANTHROPIC_API_KEY=your-key
98
- npx ecc-agentshield scan --opus --stream
99
- ```
100
-
101
- This runs:
102
- 1. **Attacker (Red Team)** — finds attack vectors
103
- 2. **Defender (Blue Team)** — recommends hardening
104
- 3. **Auditor (Final Verdict)** — synthesizes both perspectives
105
-
106
- ### Initialize Secure Config
107
-
108
- Scaffold a new secure `.claude/` configuration from scratch:
109
-
110
- ```bash
111
- npx ecc-agentshield init
112
- ```
113
-
114
- Creates:
115
- - `settings.json` with scoped permissions and deny list
116
- - `CLAUDE.md` with security best practices
117
- - `mcp.json` placeholder
118
-
119
- ### GitHub Action
120
-
121
- Add to your CI pipeline:
122
-
123
- ```yaml
124
- - uses: affaan-m/agentshield@v1
125
- with:
126
- path: '.'
127
- min-severity: 'medium'
128
- fail-on-findings: true
129
- ```
130
-
131
- ## Severity Levels
132
-
133
- | Grade | Score | Meaning |
134
- |-------|-------|---------|
135
- | A | 90-100 | Secure configuration |
136
- | B | 75-89 | Minor issues |
137
- | C | 60-74 | Needs attention |
138
- | D | 40-59 | Significant risks |
139
- | F | 0-39 | Critical vulnerabilities |
140
-
141
- ## Interpreting Results
142
-
143
- ### Critical Findings (fix immediately)
144
- - Hardcoded API keys or tokens in config files
145
- - `Bash(*)` in the allow list (unrestricted shell access)
146
- - Command injection in hooks via `${file}` interpolation
147
- - Shell-running MCP servers
148
-
149
- ### High Findings (fix before production)
150
- - Auto-run instructions in CLAUDE.md (prompt injection vector)
151
- - Missing deny lists in permissions
152
- - Agents with unnecessary Bash access
153
-
154
- ### Medium Findings (recommended)
155
- - Silent error suppression in hooks (`2>/dev/null`, `|| true`)
156
- - Missing PreToolUse security hooks
157
- - `npx -y` auto-install in MCP server configs
158
-
159
- ### Info Findings (awareness)
160
- - Missing descriptions on MCP servers
161
- - Prohibitive instructions correctly flagged as good practice
162
-
163
- ## Links
164
-
165
- - **GitHub**: [github.com/affaan-m/agentshield](https://github.com/affaan-m/agentshield)
166
- - **npm**: [npmjs.com/package/ecc-agentshield](https://www.npmjs.com/package/ecc-agentshield)
@@ -1,155 +0,0 @@
1
- ---
2
- name: seo
3
- description: Audit, plan, and implement SEO improvements across technical SEO, on-page optimization, structured data, Core Web Vitals, and content strategy. Use when the user wants better search visibility, SEO remediation, schema markup, sitemap/robots work, or keyword mapping.
4
- metadata:
5
- origin: ECC
6
- ---
7
-
8
- # SEO
9
-
10
- Improve search visibility through technical correctness, performance, and content relevance, not gimmicks.
11
-
12
- ## When to Use
13
-
14
- Use this skill when:
15
- - auditing crawlability, indexability, canonicals, or redirects
16
- - improving title tags, meta descriptions, and heading structure
17
- - adding or validating structured data
18
- - improving Core Web Vitals
19
- - doing keyword research and mapping keywords to URLs
20
- - planning internal linking or sitemap / robots changes
21
-
22
- ## How It Works
23
-
24
- ### Principles
25
-
26
- 1. Fix technical blockers before content optimization.
27
- 2. One page should have one clear primary search intent.
28
- 3. Prefer long-term quality signals over manipulative patterns.
29
- 4. Mobile-first assumptions matter because indexing is mobile-first.
30
- 5. Recommendations should be page-specific and implementable.
31
-
32
- ### Technical SEO checklist
33
-
34
- #### Crawlability
35
-
36
- - `robots.txt` should allow important pages and block low-value surfaces
37
- - no important page should be unintentionally `noindex`
38
- - important pages should be reachable within a shallow click depth
39
- - avoid redirect chains longer than two hops
40
- - canonical tags should be self-consistent and non-looping
41
-
42
- #### Indexability
43
-
44
- - preferred URL format should be consistent
45
- - multilingual pages need correct hreflang if used
46
- - sitemaps should reflect the intended public surface
47
- - no duplicate URLs should compete without canonical control
48
-
49
- #### Performance
50
-
51
- - LCP < 2.5s
52
- - INP < 200ms
53
- - CLS < 0.1
54
- - common fixes: preload hero assets, reduce render-blocking work, reserve layout space, trim heavy JS
55
-
56
- #### Structured data
57
-
58
- - homepage: organization or business schema where appropriate
59
- - editorial pages: `Article` / `BlogPosting`
60
- - product pages: `Product` and `Offer`
61
- - interior pages: `BreadcrumbList`
62
- - Q&A sections: `FAQPage` only when the content truly matches
63
-
64
- ### On-page rules
65
-
66
- #### Title tags
67
-
68
- - aim for roughly 50-60 characters
69
- - put the primary keyword or concept near the front
70
- - make the title legible to humans, not stuffed for bots
71
-
72
- #### Meta descriptions
73
-
74
- - aim for roughly 120-160 characters
75
- - describe the page honestly
76
- - include the main topic naturally
77
-
78
- #### Heading structure
79
-
80
- - one clear `H1`
81
- - `H2` and `H3` should reflect actual content hierarchy
82
- - do not skip structure just for visual styling
83
-
84
- ### Keyword mapping
85
-
86
- 1. define the search intent
87
- 2. gather realistic keyword variants
88
- 3. prioritize by intent match, likely value, and competition
89
- 4. map one primary keyword/theme to one URL
90
- 5. detect and avoid cannibalization
91
-
92
- ### Internal linking
93
-
94
- - link from strong pages to pages you want to rank
95
- - use descriptive anchor text
96
- - avoid generic anchors when a more specific one is possible
97
- - backfill links from new pages to relevant existing ones
98
-
99
- ## Examples
100
-
101
- ### Title formula
102
-
103
- ```text
104
- Primary Topic - Specific Modifier | Brand
105
- ```
106
-
107
- ### Meta description formula
108
-
109
- ```text
110
- Action + topic + value proposition + one supporting detail
111
- ```
112
-
113
- ### JSON-LD example
114
-
115
- ```json
116
- {
117
- "@context": "https://schema.org",
118
- "@type": "Article",
119
- "headline": "Page Title Here",
120
- "author": {
121
- "@type": "Person",
122
- "name": "Author Name"
123
- },
124
- "publisher": {
125
- "@type": "Organization",
126
- "name": "Brand Name"
127
- }
128
- }
129
- ```
130
-
131
- ### Audit output shape
132
-
133
- ```text
134
- [HIGH] Duplicate title tags on product pages
135
- Location: src/routes/products/[slug].tsx
136
- Issue: Dynamic titles collapse to the same default string, which weakens relevance and creates duplicate signals.
137
- Fix: Generate a unique title per product using the product name and primary category.
138
- ```
139
-
140
- ## Anti-Patterns
141
-
142
- | Anti-pattern | Fix |
143
- | --- | --- |
144
- | keyword stuffing | write for users first |
145
- | thin near-duplicate pages | consolidate or differentiate them |
146
- | schema for content that is not actually present | match schema to reality |
147
- | content advice without checking the actual page | read the real page first |
148
- | generic “improve SEO” outputs | tie every recommendation to a page or asset |
149
-
150
- ## Related Skills
151
-
152
- - `seo-specialist`
153
- - `frontend-patterns`
154
- - `brand-voice`
155
- - `market-research`