coding-agent-skills 0.2.10 → 0.2.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +20 -0
- package/README.md +4 -0
- package/ROADMAP.md +7 -5
- package/bin/coding-agent-skills +7 -0
- package/docs/adapters/README.md +19 -0
- package/docs/adapters/project-installation.md +12 -0
- package/docs/adapters/real-project-adoption.md +1 -1
- package/docs/architecture/README.md +4 -3
- package/docs/release/README.md +3 -2
- package/docs/release/npm-package.md +6 -2
- package/docs/safety/README.md +6 -1
- package/docs/testing/README.md +8 -0
- package/docs/usage/README.md +14 -5
- package/examples/command-policies/secret-audit.json +71 -0
- package/examples/evidence-packs/secret-audit.json +55 -0
- package/examples/manifests/secret-audit.json +14 -0
- package/examples/workflows/secret-audit.md +10 -0
- package/package.json +2 -1
- package/runs/skill-runs.md +16 -0
- package/schemas/project-adapter-installation.schema.json +2 -0
- package/schemas/project-adapter.schema.json +2 -0
- package/scripts/lib/pack-rules.mjs +11 -2
- package/scripts/lib/secret-audit.mjs +510 -0
- package/scripts/render-secret-audit.mjs +8 -0
- package/scripts/test-pack.mjs +69 -1
- package/scripts/validate-pack.mjs +5 -2
- package/skills/secret-audit/SKILL.md +57 -0
- package/skills/secret-audit/adapter-interface.md +12 -0
- package/skills/secret-audit/agents/openai.yaml +4 -0
- package/skills/secret-audit/checklist.md +7 -0
- package/skills/secret-audit/evidence-template.md +15 -0
- package/skills/secret-audit/examples.md +27 -0
- package/skills/secret-audit/failure-modes.md +5 -0
- package/tests/fixtures/secret-audit/adapter-project/.coding-agent/adapters/secret-audit-fixture/adapter.json +53 -0
- package/tests/fixtures/secret-audit/adapter-project/.coding-agent/skills.json +23 -0
- package/tests/fixtures/secret-audit/adapter-project/README.md +3 -0
- package/tests/fixtures/secret-audit/adapter-project/package.json +4 -0
- package/tests/fixtures/secret-audit/adapter-project/src/placeholder.ts +1 -0
- package/tests/fixtures/secret-audit/static-project/.env.example +1 -0
- package/tests/fixtures/secret-audit/static-project/README.md +3 -0
- package/tests/fixtures/secret-audit/static-project/package.json +4 -0
- package/tests/fixtures/secret-audit/static-project/src/config.ts +1 -0
- package/tests/fixtures/triggers/cases.json +13 -1
- package/tests/trigger/README.md +2 -0
- package/work-ledger.md +18 -6
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,26 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes follow [Semantic Versioning](docs/versioning/README.md).
|
|
4
4
|
|
|
5
|
+
## [0.2.11] - 2026-07-03
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
|
|
9
|
+
- `secret-audit` audit-only skill for redacted static secret exposure detection.
|
|
10
|
+
- `coding-agent-skills secret-audit <project-root>` CLI command.
|
|
11
|
+
- Dependency-free secret audit renderer for high-confidence finding paths, finding types,
|
|
12
|
+
counts, skipped secret-bearing paths, not-verified credential surfaces, adapter-limited
|
|
13
|
+
scope, and safety refusals.
|
|
14
|
+
- Synthetic secret-audit fixtures and release tests for generic static scans,
|
|
15
|
+
adapter-scoped scans, `.env` exclusion, matched-value omission, and repo-map-only adapter
|
|
16
|
+
skips.
|
|
17
|
+
|
|
18
|
+
### Changed
|
|
19
|
+
|
|
20
|
+
- Adapter schemas and validators now recognize `secret-audit` as an audit-only skill while
|
|
21
|
+
preserving the existing `0.2.3` adapter contract compatibility baseline.
|
|
22
|
+
- Usage, release, safety, architecture, adapter, roadmap, ledger, and run-log docs now
|
|
23
|
+
describe the new redacted read-only secret-audit command.
|
|
24
|
+
|
|
5
25
|
## [0.2.10] - 2026-07-03
|
|
6
26
|
|
|
7
27
|
### Added
|
package/README.md
CHANGED
|
@@ -8,6 +8,7 @@ The pilot pack contains:
|
|
|
8
8
|
- `repo-map`: audit-only repository orientation.
|
|
9
9
|
- `route-trace`: audit-only static route surface tracing.
|
|
10
10
|
- `env-audit`: audit-only environment variable name mapping without values.
|
|
11
|
+
- `secret-audit`: audit-only high-confidence secret exposure detection without values.
|
|
11
12
|
- `build-verify`: controlled local validation using existing project commands.
|
|
12
13
|
- `git-preflight`: audit-only Git readiness inspection.
|
|
13
14
|
- `runtime-truth`: audit-only runtime evidence collection.
|
|
@@ -42,6 +43,7 @@ Every skill emits the evidence-pack contract. A command being attempted is never
|
|
|
42
43
|
- From a clone, the same wrapper is available as `bin/coding-agent-skills validate-pack`.
|
|
43
44
|
- Trace static route surfaces with `coding-agent-skills route-trace <project-root>`.
|
|
44
45
|
- Map environment variable names with `coding-agent-skills env-audit <project-root>`.
|
|
46
|
+
- Find redacted secret exposure risks with `coding-agent-skills secret-audit <project-root>`.
|
|
45
47
|
- Validate project adapters against [the formal adapter schema](schemas/project-adapter.schema.json).
|
|
46
48
|
- Review [external adapter discovery](docs/adapters/discovery.md).
|
|
47
49
|
- Run `node scripts/validate-adapters.mjs <adapter-root>` for a disposable external root.
|
|
@@ -51,6 +53,8 @@ Every skill emits the evidence-pack contract. A command being attempted is never
|
|
|
51
53
|
`node scripts/render-adapter-repo-map.mjs <project-root>`.
|
|
52
54
|
- Render a static route-trace report with
|
|
53
55
|
`node scripts/render-route-trace.mjs <project-root>`.
|
|
56
|
+
- Render a redacted secret-audit report with
|
|
57
|
+
`node scripts/render-secret-audit.mjs <project-root>`.
|
|
54
58
|
- Review [adapter upgrade checks](docs/adapters/upgrades.md).
|
|
55
59
|
- Run `node scripts/check-adapter-upgrade.mjs <before-project-root> <after-project-root>`
|
|
56
60
|
for disposable project revisions.
|
package/ROADMAP.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Roadmap
|
|
2
2
|
|
|
3
|
-
The public package now contains
|
|
3
|
+
The public package now contains eight approved shared skills. Builder-mode approval is
|
|
4
4
|
active for the remaining read-only skill wave in this repository; real-world project
|
|
5
5
|
execution constraints remain unchanged.
|
|
6
6
|
|
|
@@ -32,6 +32,8 @@ execution constraints remain unchanged.
|
|
|
32
32
|
tracing.
|
|
33
33
|
- `v0.2.10`: audit-only `env-audit` skill and CLI renderer for value-free environment
|
|
34
34
|
variable name mapping.
|
|
35
|
+
- `v0.2.11`: audit-only `secret-audit` skill and CLI renderer for redacted secret
|
|
36
|
+
exposure detection.
|
|
35
37
|
|
|
36
38
|
The next milestone is recorded in [work-ledger.md](work-ledger.md). The
|
|
37
39
|
[maintainer loop](RUNBOOK.md) may select and evidence that milestone, but it must stop
|
|
@@ -74,18 +76,18 @@ Next safe milestone options:
|
|
|
74
76
|
|---|---|---|---|
|
|
75
77
|
| `route-trace-skill` | General | Audit-only | Implemented in `v0.2.9` |
|
|
76
78
|
| `env-audit-skill` | General | Audit-only | Implemented in `v0.2.10` |
|
|
77
|
-
| `secret-audit-skill` | General | Audit-only |
|
|
79
|
+
| `secret-audit-skill` | General | Audit-only | Implemented in `v0.2.11` |
|
|
80
|
+
| `api-contract-audit-skill` | General | Audit-only | Builder-mode approved; next in wave |
|
|
81
|
+
| `migration-review-skill` | General with platform adapters | Audit-only | Builder-mode approved; later in wave |
|
|
82
|
+
| `github-handoff-skill` | General | Audit-only | Builder-mode approved; later in wave |
|
|
78
83
|
| `deployment-preflight-skill` | General | Audit-only | Builder-mode approved; later in wave |
|
|
79
84
|
| `cloudflare-preflight-skill` | Platform-specific | Audit-only | Builder-mode approved; later in wave |
|
|
80
85
|
| `cloudflare-deploy-skill` | Platform-specific | Action-capable | Blocked on approval model |
|
|
81
86
|
| `supabase-rls-audit-skill` | Platform-specific | Audit-only | Builder-mode approved; later in wave |
|
|
82
|
-
| `migration-review-skill` | General with platform adapters | Audit-only | Builder-mode approved; later in wave |
|
|
83
|
-
| `api-contract-audit-skill` | General | Audit-only | Builder-mode approved; later in wave |
|
|
84
87
|
| `repo-knowledge-sync-skill` | General | Action-capable | Blocked on write approval model |
|
|
85
88
|
| `security-hardening-review-skill` | General coordinator | Audit-only | Needs more evidence |
|
|
86
89
|
| `worker-queue-debug-skill` | General core with project adapters | Audit-only first | Needs more evidence |
|
|
87
90
|
| `devvit-ingest-debug-skill` | Project-specific | Audit-only | Needs project evidence |
|
|
88
|
-
| `github-handoff-skill` | General | Audit-only | Builder-mode approved; later in wave |
|
|
89
91
|
| `session-extractor-skill` | General tooling | Action-capable | Blocked on privacy policy and more evidence |
|
|
90
92
|
| `command-redaction-skill` | General tooling | Action-capable | Needs more evidence |
|
|
91
93
|
|
package/bin/coding-agent-skills
CHANGED
|
@@ -35,6 +35,12 @@ const commands = {
|
|
|
35
35
|
usage: "coding-agent-skills env-audit <project-root>",
|
|
36
36
|
requiredArgs: 1,
|
|
37
37
|
},
|
|
38
|
+
"secret-audit": {
|
|
39
|
+
script: "scripts/render-secret-audit.mjs",
|
|
40
|
+
args: ([projectRoot]) => [projectRoot],
|
|
41
|
+
usage: "coding-agent-skills secret-audit <project-root>",
|
|
42
|
+
requiredArgs: 1,
|
|
43
|
+
},
|
|
38
44
|
"validate-adapters": {
|
|
39
45
|
script: "scripts/validate-adapters.mjs",
|
|
40
46
|
args: ([adapterRoot]) => [adapterRoot],
|
|
@@ -53,6 +59,7 @@ function usage(exitCode = 0) {
|
|
|
53
59
|
" repo-map <project-root>",
|
|
54
60
|
" route-trace <project-root>",
|
|
55
61
|
" env-audit <project-root>",
|
|
62
|
+
" secret-audit <project-root>",
|
|
56
63
|
" validate-adapters <adapter-root>",
|
|
57
64
|
"",
|
|
58
65
|
"local wrapper for the published coding-agent-skills package",
|
package/docs/adapters/README.md
CHANGED
|
@@ -70,6 +70,23 @@ secret-bearing files, and reports variable names, classifications, sample files
|
|
|
70
70
|
skipped items, and not-verified runtime or credential stores. It never prints values or
|
|
71
71
|
validates credentials.
|
|
72
72
|
|
|
73
|
+
## Adapter-Aware Secret Audit Consumption
|
|
74
|
+
|
|
75
|
+
The shared pack can consume a validated project-owned adapter as bounded context for
|
|
76
|
+
`secret-audit`:
|
|
77
|
+
|
|
78
|
+
```bash
|
|
79
|
+
node scripts/render-secret-audit.mjs <project-root>
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
The renderer validates the project declaration when present. If an adapter is present but
|
|
83
|
+
does not enable `secret-audit`, it reports an adapter-limited skip instead of broadening
|
|
84
|
+
scope. When enabled, it reads only adapter-declared safe paths, excludes `.env`,
|
|
85
|
+
secret-bearing files, generated output, dependency paths, and oversized files, then
|
|
86
|
+
reports finding paths, types, and counts. It never prints matched values, validates
|
|
87
|
+
credentials, rotates secrets, contacts APIs, deploys, migrates, builds, tests, or mutates
|
|
88
|
+
project files.
|
|
89
|
+
|
|
73
90
|
## What Adapters May Do
|
|
74
91
|
|
|
75
92
|
- Add bounded relative read paths and ignored paths.
|
|
@@ -77,6 +94,8 @@ validates credentials.
|
|
|
77
94
|
- Add documentation precedence and package-manager hints.
|
|
78
95
|
- Add route-trace safe read paths for static route files and route config.
|
|
79
96
|
- Add env-audit safe read paths for static source, docs, sample, and config files.
|
|
97
|
+
- Add secret-audit safe read paths for static source, docs, sample, and config files
|
|
98
|
+
while relying on the shared scanner to exclude secret-bearing paths.
|
|
80
99
|
- Add command aliases that already satisfy the shared command policy.
|
|
81
100
|
- Add status-only runtime commands and manager hints.
|
|
82
101
|
- Require additional evidence or named approval for exceptional reads.
|
|
@@ -133,6 +133,18 @@ present but does not enable `env-audit`, it reports an adapter-limited skip. Whe
|
|
|
133
133
|
it reads only adapter-declared safe paths, refuses `.env` and secret-bearing files, and
|
|
134
134
|
reports environment variable names without values.
|
|
135
135
|
|
|
136
|
+
A project-owned adapter can also enable read-only `secret-audit` context:
|
|
137
|
+
|
|
138
|
+
```bash
|
|
139
|
+
node scripts/render-secret-audit.mjs <project-root>
|
|
140
|
+
```
|
|
141
|
+
|
|
142
|
+
The secret-audit renderer validates the project declaration when present. If the adapter
|
|
143
|
+
is present but does not enable `secret-audit`, it reports an adapter-limited skip. When
|
|
144
|
+
enabled, it reads only adapter-declared safe paths, refuses `.env` and secret-bearing
|
|
145
|
+
files, and reports high-confidence finding paths, types, and counts without matched
|
|
146
|
+
values or credential validation.
|
|
147
|
+
|
|
136
148
|
## Safety Boundary
|
|
137
149
|
|
|
138
150
|
Project adapters are extension-only. They cannot remove denied operations, change an
|
|
@@ -21,7 +21,7 @@ project repository is touched:
|
|
|
21
21
|
- The project can declare exactly one installation file: `.coding-agent/skills.json` or
|
|
22
22
|
`coding-agent.skills.json`.
|
|
23
23
|
- The adapter need is bounded to existing pilot skills: `repo-map`, `route-trace`,
|
|
24
|
-
`env-audit`, `build-verify`, `git-preflight`, `runtime-truth`, or
|
|
24
|
+
`env-audit`, `secret-audit`, `build-verify`, `git-preflight`, `runtime-truth`, or
|
|
25
25
|
`llm-drift-control`.
|
|
26
26
|
- The adapter can narrow context with relative paths, documentation precedence, safe
|
|
27
27
|
aliases, status-only hints, or extra evidence requirements.
|
|
@@ -14,6 +14,7 @@ Audit-only:
|
|
|
14
14
|
- `repo-map`
|
|
15
15
|
- `route-trace`
|
|
16
16
|
- `env-audit`
|
|
17
|
+
- `secret-audit`
|
|
17
18
|
- `git-preflight`
|
|
18
19
|
- `runtime-truth`
|
|
19
20
|
- `llm-drift-control`
|
|
@@ -22,6 +23,6 @@ Controlled local validation:
|
|
|
22
23
|
|
|
23
24
|
- `build-verify`
|
|
24
25
|
|
|
25
|
-
The evidence pack is a shared output contract, not an executable skill.
|
|
26
|
-
|
|
27
|
-
|
|
26
|
+
The evidence pack is a shared output contract, not an executable skill. Deployment
|
|
27
|
+
preflight, GitHub handoff, provider operations, and additional project adapters remain
|
|
28
|
+
separate future work.
|
package/docs/release/README.md
CHANGED
|
@@ -19,8 +19,9 @@
|
|
|
19
19
|
13. Inspect tarball contents for local-only files, credentials, `.env` files, dependency
|
|
20
20
|
folders, generated output, and unrelated repositories.
|
|
21
21
|
14. Install the tarball into a temporary npm prefix and smoke-test the installed CLI.
|
|
22
|
-
15. Smoke-test any new CLI command such as `coding-agent-skills route-trace
|
|
23
|
-
`coding-agent-skills env-audit
|
|
22
|
+
15. Smoke-test any new CLI command such as `coding-agent-skills route-trace`,
|
|
23
|
+
`coding-agent-skills env-audit`, or `coding-agent-skills secret-audit` against
|
|
24
|
+
synthetic fixtures only unless a real project
|
|
24
25
|
read-only smoke is explicitly approved.
|
|
25
26
|
16. Review changelog, ledger, run evidence, and versioning impact.
|
|
26
27
|
17. Commit with approved identity.
|
|
@@ -7,7 +7,7 @@ safety model.
|
|
|
7
7
|
## Current Package Shape
|
|
8
8
|
|
|
9
9
|
- Package name: `coding-agent-skills`.
|
|
10
|
-
- Package version: `0.2.
|
|
10
|
+
- Package version: `0.2.11`.
|
|
11
11
|
- CLI bin: `coding-agent-skills` mapped to `bin/coding-agent-skills`.
|
|
12
12
|
- Module type: `module`.
|
|
13
13
|
- Dependencies: none.
|
|
@@ -29,6 +29,7 @@ coding-agent-skills validate-project /path/to/project
|
|
|
29
29
|
coding-agent-skills repo-map /path/to/project
|
|
30
30
|
coding-agent-skills route-trace /path/to/project
|
|
31
31
|
coding-agent-skills env-audit /path/to/project
|
|
32
|
+
coding-agent-skills secret-audit /path/to/project
|
|
32
33
|
coding-agent-skills validate-adapters /path/to/adapter-root
|
|
33
34
|
```
|
|
34
35
|
|
|
@@ -43,6 +44,9 @@ project-adapter validators. `route-trace` is static and audit-only; it reports r
|
|
|
43
44
|
files and route declarations without executing the target project. `env-audit` is static
|
|
44
45
|
and audit-only; it reports environment variable names without reading `.env` files or
|
|
45
46
|
printing values.
|
|
47
|
+
`secret-audit` is static and audit-only; it reports high-confidence secret-like finding
|
|
48
|
+
paths, types, and counts without printing matched values, reading `.env` files, or
|
|
49
|
+
validating credentials.
|
|
46
50
|
|
|
47
51
|
`coding-agent-skills validate-pack` is package-aware. In a source checkout, it keeps
|
|
48
52
|
source-only checks such as `.gitignore` validation. In an installed package tree, where
|
|
@@ -77,7 +81,7 @@ included.
|
|
|
77
81
|
|
|
78
82
|
The public CLI remains read-only for target projects unless a specific underlying skill
|
|
79
83
|
already permits a bounded local validation action. The installed `repo-map`,
|
|
80
|
-
`route-trace`, and adapter flows do not:
|
|
84
|
+
`route-trace`, `env-audit`, `secret-audit`, and adapter flows do not:
|
|
81
85
|
|
|
82
86
|
- deploy
|
|
83
87
|
- run migrations
|
package/docs/safety/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
## Audit-Only Rule
|
|
4
4
|
|
|
5
|
-
`repo-map`, `route-trace`, `env-audit`, `git-preflight`, `runtime-truth`, and `llm-drift-control` must not alter project files, Git state, dependencies, processes, services, databases, remote systems, or deployment state.
|
|
5
|
+
`repo-map`, `route-trace`, `env-audit`, `secret-audit`, `git-preflight`, `runtime-truth`, and `llm-drift-control` must not alter project files, Git state, dependencies, processes, services, databases, remote systems, or deployment state.
|
|
6
6
|
|
|
7
7
|
`route-trace` is static only. It may read bounded non-secret route files and route
|
|
8
8
|
configuration, but it must not execute app code, run servers, hit URLs, claim runtime
|
|
@@ -12,6 +12,11 @@ truth, or broaden adapter scope when a project adapter is present.
|
|
|
12
12
|
files, including `.env.example`, but must not read `.env`, print values, validate
|
|
13
13
|
credentials, contact APIs, or inspect secret stores.
|
|
14
14
|
|
|
15
|
+
`secret-audit` is redacted static inspection only. It may read bounded non-secret static
|
|
16
|
+
files and report high-confidence secret-like finding paths, types, and counts, but it must
|
|
17
|
+
not print matched values, read `.env` or secret-bearing files, inspect credential stores,
|
|
18
|
+
validate or rotate credentials, contact APIs, or broaden adapter scope.
|
|
19
|
+
|
|
15
20
|
`build-verify` may run existing project-native validation commands. Build or test tools may create their normal local artifacts, but the skill must declare observed changes and must reject installation, fix modes, snapshot updates, deployment, migration, or unknown scripts.
|
|
16
21
|
|
|
17
22
|
## Restricted Categories
|
package/docs/testing/README.md
CHANGED
|
@@ -44,6 +44,14 @@ Synthetic env-audit projects cover value-free variable-name detection, `.env` ex
|
|
|
44
44
|
behavior. Env-audit tests must never print values, validate credentials, contact APIs,
|
|
45
45
|
run target projects, build, test, deploy, migrate, or read `.env` files.
|
|
46
46
|
|
|
47
|
+
## Secret Audit
|
|
48
|
+
|
|
49
|
+
Synthetic secret-audit projects cover high-confidence finding detection, `.env` exclusion,
|
|
50
|
+
matched-value omission, adapter-declared scope, and adapter-present-but-not-enabled
|
|
51
|
+
behavior. Secret-audit tests construct synthetic secret-like values only in temporary
|
|
52
|
+
directories and assert that rendered reports include paths, types, and counts without
|
|
53
|
+
printing matched values.
|
|
54
|
+
|
|
47
55
|
## Privacy And Redaction
|
|
48
56
|
|
|
49
57
|
Sensitive shapes are stored as ordered synthetic parts and reconstructed only in memory. Tests verify type detection, redaction, and absence from reusable skill content without printing fixture values.
|
package/docs/usage/README.md
CHANGED
|
@@ -7,6 +7,7 @@ Select the least-privileged skill that matches the request:
|
|
|
7
7
|
| Understand repository identity and structure | `repo-map` |
|
|
8
8
|
| Trace statically visible route surfaces | `route-trace` |
|
|
9
9
|
| Map environment variable names without values | `env-audit` |
|
|
10
|
+
| Find high-confidence secret exposure risks without values | `secret-audit` |
|
|
10
11
|
| Run existing local validation checks | `build-verify` |
|
|
11
12
|
| Assess Git handoff readiness | `git-preflight` |
|
|
12
13
|
| Determine what is actually running | `runtime-truth` |
|
|
@@ -18,11 +19,13 @@ Select the least-privileged skill that matches the request:
|
|
|
18
19
|
2. Use `route-trace` when route files or declarations must be mapped from static files.
|
|
19
20
|
3. Use `env-audit` when environment variable names or sample config references must be
|
|
20
21
|
mapped without reading values.
|
|
21
|
-
4.
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
22
|
+
4. Use `secret-audit` when high-confidence tracked secret exposure risk must be reported
|
|
23
|
+
by path, type, and count without printing matched values.
|
|
24
|
+
5. Perform implementation outside this pilot pack.
|
|
25
|
+
6. Use `build-verify` for approved project-native checks.
|
|
26
|
+
7. Use `git-preflight` before handoff or publication.
|
|
27
|
+
8. Use `runtime-truth` only when live local state matters.
|
|
28
|
+
9. Use `llm-drift-control` when claims and evidence may disagree.
|
|
26
29
|
|
|
27
30
|
Every skill emits an evidence pack. Read `status`, skipped checks, failures, confidence, and changed state before relying on a completion claim.
|
|
28
31
|
|
|
@@ -55,6 +58,7 @@ coding-agent-skills validate-project /path/to/project
|
|
|
55
58
|
coding-agent-skills repo-map /path/to/project
|
|
56
59
|
coding-agent-skills route-trace /path/to/project
|
|
57
60
|
coding-agent-skills env-audit /path/to/project
|
|
61
|
+
coding-agent-skills secret-audit /path/to/project
|
|
58
62
|
coding-agent-skills validate-adapters /path/to/adapter-root
|
|
59
63
|
```
|
|
60
64
|
|
|
@@ -74,6 +78,9 @@ skipped items, and not-verified runtime-dependent route classes.
|
|
|
74
78
|
when enabled, and statically reports environment variable names, classifications, sample
|
|
75
79
|
files inspected, skipped secret-bearing paths, and not-verified runtime or credential
|
|
76
80
|
stores without printing values.
|
|
81
|
+
`secret-audit` validates a project adapter when present, uses adapter-declared safe paths
|
|
82
|
+
when enabled, and statically reports high-confidence secret-like finding paths, types, and
|
|
83
|
+
counts without printing matched values or validating credentials.
|
|
77
84
|
|
|
78
85
|
The installed CLI does not run target project builds or tests, perform runtime checks,
|
|
79
86
|
deploy, migrate, mutate services or processes, or read `.env` files. Project adapters
|
|
@@ -89,6 +96,7 @@ bin/coding-agent-skills validate-project /path/to/project
|
|
|
89
96
|
bin/coding-agent-skills repo-map /path/to/project
|
|
90
97
|
bin/coding-agent-skills route-trace /path/to/project
|
|
91
98
|
bin/coding-agent-skills env-audit /path/to/project
|
|
99
|
+
bin/coding-agent-skills secret-audit /path/to/project
|
|
92
100
|
bin/coding-agent-skills validate-adapters /path/to/adapter-root
|
|
93
101
|
```
|
|
94
102
|
|
|
@@ -101,6 +109,7 @@ coding-agent-skills validate-project /path/to/project
|
|
|
101
109
|
coding-agent-skills repo-map /path/to/project
|
|
102
110
|
coding-agent-skills route-trace /path/to/project
|
|
103
111
|
coding-agent-skills env-audit /path/to/project
|
|
112
|
+
coding-agent-skills secret-audit /path/to/project
|
|
104
113
|
coding-agent-skills validate-adapters /path/to/adapter-root
|
|
105
114
|
```
|
|
106
115
|
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": "0.2.3",
|
|
3
|
+
"mode": "audit-only",
|
|
4
|
+
"parserPolicy": {
|
|
5
|
+
"inspectEverySegment": true,
|
|
6
|
+
"inspectScriptBodies": true,
|
|
7
|
+
"rejectUnknownExecutables": true,
|
|
8
|
+
"rejectShellWrappers": true,
|
|
9
|
+
"rejectHeredocs": true,
|
|
10
|
+
"rejectRedirection": true,
|
|
11
|
+
"providerSpecificNpx": true,
|
|
12
|
+
"authenticatedCurlRequiresApproval": true,
|
|
13
|
+
"boundedReadsRequired": true,
|
|
14
|
+
"allowedComposition": "read-only"
|
|
15
|
+
},
|
|
16
|
+
"allowedFamilies": [
|
|
17
|
+
{
|
|
18
|
+
"name": "bounded-secret-pattern-inspection",
|
|
19
|
+
"executables": ["pwd", "ls", "rg", "find", "sed", "head"],
|
|
20
|
+
"argumentPolicy": {
|
|
21
|
+
"strategy": "pattern",
|
|
22
|
+
"allowedPatterns": ["bounded repository-local path/count secret-pattern inspection"],
|
|
23
|
+
"deniedPatterns": ["secret files, matched values, credential stores, API calls, and unbounded traversal"]
|
|
24
|
+
},
|
|
25
|
+
"constraints": [
|
|
26
|
+
"Remain inside the declared project scope.",
|
|
27
|
+
"Bound traversal depth and output.",
|
|
28
|
+
"Exclude .env, secret-bearing, generated, dependency, build, and runtime-output paths.",
|
|
29
|
+
"Report file paths, finding types, and counts only."
|
|
30
|
+
]
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
"name": "git-identity-inspection",
|
|
34
|
+
"executables": ["git"],
|
|
35
|
+
"argumentPolicy": {
|
|
36
|
+
"strategy": "exact",
|
|
37
|
+
"allowedPatterns": ["rev-parse and status --short --branch"],
|
|
38
|
+
"deniedPatterns": ["all Git mutation and publication subcommands"]
|
|
39
|
+
},
|
|
40
|
+
"constraints": ["Allow only read-only repository identity and branch-state inspection."]
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
"name": "secret-audit-renderer",
|
|
44
|
+
"executables": ["node", "coding-agent-skills"],
|
|
45
|
+
"argumentPolicy": {
|
|
46
|
+
"strategy": "exact",
|
|
47
|
+
"allowedPatterns": ["node scripts/render-secret-audit.mjs <project-root>; coding-agent-skills secret-audit <project-root>"],
|
|
48
|
+
"deniedPatterns": [".env reads, matched values, credential validation, rotation, API calls, builds, tests, deployment, migration, and package installation"]
|
|
49
|
+
},
|
|
50
|
+
"constraints": [
|
|
51
|
+
"The renderer must remain static and read-only.",
|
|
52
|
+
"Do not print matched values or treat findings as credential validity evidence."
|
|
53
|
+
]
|
|
54
|
+
}
|
|
55
|
+
],
|
|
56
|
+
"restrictedCategories": [
|
|
57
|
+
"file-write",
|
|
58
|
+
"package-install",
|
|
59
|
+
"deployment",
|
|
60
|
+
"git-mutation",
|
|
61
|
+
"unrestricted-scan",
|
|
62
|
+
"secret-read",
|
|
63
|
+
"process-mutation",
|
|
64
|
+
"service-mutation",
|
|
65
|
+
"migration-apply",
|
|
66
|
+
"privileged-api"
|
|
67
|
+
],
|
|
68
|
+
"approvalExceptions": [
|
|
69
|
+
"A named-file approval may permit one otherwise excluded non-mutating static read when the file is not secret-bearing."
|
|
70
|
+
]
|
|
71
|
+
}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
{
|
|
2
|
+
"contractVersion": "1.0.0",
|
|
3
|
+
"skill": {"name": "secret-audit", "version": "0.2.3"},
|
|
4
|
+
"invocation": {
|
|
5
|
+
"id": "example-secret-audit",
|
|
6
|
+
"startedAt": "2026-07-03T11:00:00Z",
|
|
7
|
+
"endedAt": "2026-07-03T11:01:00Z"
|
|
8
|
+
},
|
|
9
|
+
"repository": {
|
|
10
|
+
"root": "/workspace/example-project",
|
|
11
|
+
"branch": "main",
|
|
12
|
+
"head": "0123456789abcdef",
|
|
13
|
+
"workingTreeState": "clean"
|
|
14
|
+
},
|
|
15
|
+
"userIntent": "Find possible tracked secret exposure before handoff.",
|
|
16
|
+
"declaredScope": ["/workspace/example-project"],
|
|
17
|
+
"projectAdapter": "example-secret-adapter",
|
|
18
|
+
"environmentSummary": {"platform": "linux", "shell": "bash"},
|
|
19
|
+
"status": "complete",
|
|
20
|
+
"confidence": {
|
|
21
|
+
"level": "high",
|
|
22
|
+
"reason": "Static files were scanned for high-confidence secret-like patterns with matched values omitted."
|
|
23
|
+
},
|
|
24
|
+
"commands": [
|
|
25
|
+
{
|
|
26
|
+
"command": "coding-agent-skills secret-audit /workspace/example-project",
|
|
27
|
+
"family": "secret-audit-renderer",
|
|
28
|
+
"workingDirectory": "/workspace/example-project",
|
|
29
|
+
"startedAt": "2026-07-03T11:00:20Z",
|
|
30
|
+
"endedAt": "2026-07-03T11:00:21Z",
|
|
31
|
+
"exitStatus": 0,
|
|
32
|
+
"resultStatus": "success",
|
|
33
|
+
"safetyClass": "allowed",
|
|
34
|
+
"approvalReference": null,
|
|
35
|
+
"purpose": "Render a redacted static secret-audit report.",
|
|
36
|
+
"outputSummary": "Reported finding paths, types, and counts without matched values."
|
|
37
|
+
}
|
|
38
|
+
],
|
|
39
|
+
"skippedChecks": [],
|
|
40
|
+
"findings": [
|
|
41
|
+
{
|
|
42
|
+
"summary": "Potential secret exposure was reported by file path, type, and count only.",
|
|
43
|
+
"evidence": ["src/example.ts"]
|
|
44
|
+
}
|
|
45
|
+
],
|
|
46
|
+
"risks": [],
|
|
47
|
+
"failures": [],
|
|
48
|
+
"unresolvedQuestions": [],
|
|
49
|
+
"changedState": {
|
|
50
|
+
"changed": false,
|
|
51
|
+
"summary": "No project, Git, dependency, runtime, service, or remote state changed."
|
|
52
|
+
},
|
|
53
|
+
"handoffSummary": "Secret-like findings require human review; matched values were omitted.",
|
|
54
|
+
"recommendedNextAction": "Review flagged files locally and rotate credentials only through approved project procedures."
|
|
55
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "secret-audit",
|
|
3
|
+
"version": "0.2.3",
|
|
4
|
+
"mode": "audit-only",
|
|
5
|
+
"evidenceContract": "../../contracts/evidence-pack/evidence-pack.schema.json",
|
|
6
|
+
"commandPolicy": "../command-policies/secret-audit.json",
|
|
7
|
+
"adapterSchema": "../../schemas/project-adapter.schema.json",
|
|
8
|
+
"adapterCompatibility": {
|
|
9
|
+
"contractVersion": "1.0.0",
|
|
10
|
+
"compatibleAdapterVersions": ["1.0.0"]
|
|
11
|
+
},
|
|
12
|
+
"adapterInterface": "../../skills/secret-audit/adapter-interface.md",
|
|
13
|
+
"description": "Find high-confidence secret exposure risks without printing values."
|
|
14
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Secret Audit Workflow
|
|
2
|
+
|
|
3
|
+
Use `secret-audit` before handoff or publication:
|
|
4
|
+
|
|
5
|
+
```bash
|
|
6
|
+
coding-agent-skills secret-audit /workspace/project
|
|
7
|
+
```
|
|
8
|
+
|
|
9
|
+
Review file paths, types, counts, skipped secret-bearing paths, and not-verified stores.
|
|
10
|
+
Do not ask the tool to print matched values or rotate credentials.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "coding-agent-skills",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.11",
|
|
4
4
|
"description": "Evidence-first, read-only coding-agent skills and project adapter tooling.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"private": false,
|
|
@@ -11,6 +11,7 @@
|
|
|
11
11
|
"repo-map",
|
|
12
12
|
"route-trace",
|
|
13
13
|
"env-audit",
|
|
14
|
+
"secret-audit",
|
|
14
15
|
"project-adapters",
|
|
15
16
|
"code-validation",
|
|
16
17
|
"cli"
|
package/runs/skill-runs.md
CHANGED
|
@@ -197,3 +197,19 @@ This file records bounded maintainer-loop runs. Entries must not contain secrets
|
|
|
197
197
|
- Validation commands: pending final release validation matrix.
|
|
198
198
|
- Result: pass pending final publication evidence.
|
|
199
199
|
- Commit/tag/push status: pending approved release workflow.
|
|
200
|
+
|
|
201
|
+
## implementation-v0.2.11-secret-audit
|
|
202
|
+
|
|
203
|
+
- Run ID: `implementation-v0.2.11-secret-audit`
|
|
204
|
+
- Repository: `/home/oneclickwebsitedesignfactory/coding-agent-skills`
|
|
205
|
+
- Command used: `builder-mode approval for secret-audit-skill implementation and release`
|
|
206
|
+
- Files changed: `secret-audit` skill, secret-audit renderer and library, CLI wrapper,
|
|
207
|
+
adapter schemas, pack rules, release tests, synthetic secret fixtures, usage/release/
|
|
208
|
+
safety/adapter docs, changelog, roadmap, work ledger, run log, and package metadata.
|
|
209
|
+
- Safety boundary: read-only, static-analysis only, no `.env` reads, no secret-file
|
|
210
|
+
reads, no matched value printing, no credential validation or rotation, no API calls,
|
|
211
|
+
no builds, no tests in target projects, no deploys, no migrations, and no
|
|
212
|
+
target-project mutation.
|
|
213
|
+
- Validation commands: pending final release validation matrix.
|
|
214
|
+
- Result: pass pending final publication evidence.
|
|
215
|
+
- Commit/tag/push status: pending approved release workflow.
|
|
@@ -67,6 +67,7 @@
|
|
|
67
67
|
"repo-map",
|
|
68
68
|
"route-trace",
|
|
69
69
|
"env-audit",
|
|
70
|
+
"secret-audit",
|
|
70
71
|
"build-verify",
|
|
71
72
|
"git-preflight",
|
|
72
73
|
"runtime-truth",
|
|
@@ -101,6 +102,7 @@
|
|
|
101
102
|
"repo-map",
|
|
102
103
|
"route-trace",
|
|
103
104
|
"env-audit",
|
|
105
|
+
"secret-audit",
|
|
104
106
|
"build-verify",
|
|
105
107
|
"git-preflight",
|
|
106
108
|
"runtime-truth",
|
|
@@ -91,6 +91,7 @@
|
|
|
91
91
|
"repo-map",
|
|
92
92
|
"route-trace",
|
|
93
93
|
"env-audit",
|
|
94
|
+
"secret-audit",
|
|
94
95
|
"build-verify",
|
|
95
96
|
"git-preflight",
|
|
96
97
|
"runtime-truth",
|
|
@@ -169,6 +170,7 @@
|
|
|
169
170
|
"repo-map",
|
|
170
171
|
"route-trace",
|
|
171
172
|
"env-audit",
|
|
173
|
+
"secret-audit",
|
|
172
174
|
"build-verify",
|
|
173
175
|
"git-preflight",
|
|
174
176
|
"runtime-truth",
|
|
@@ -2,6 +2,7 @@ export const PILOT_SKILLS = [
|
|
|
2
2
|
"repo-map",
|
|
3
3
|
"route-trace",
|
|
4
4
|
"env-audit",
|
|
5
|
+
"secret-audit",
|
|
5
6
|
"build-verify",
|
|
6
7
|
"git-preflight",
|
|
7
8
|
"runtime-truth",
|
|
@@ -15,6 +16,7 @@ export const AUDIT_ONLY_SKILLS = [
|
|
|
15
16
|
"repo-map",
|
|
16
17
|
"route-trace",
|
|
17
18
|
"env-audit",
|
|
19
|
+
"secret-audit",
|
|
18
20
|
"git-preflight",
|
|
19
21
|
"runtime-truth",
|
|
20
22
|
"llm-drift-control",
|
|
@@ -380,6 +382,13 @@ export function classifyTrigger(prompt) {
|
|
|
380
382
|
) {
|
|
381
383
|
return "env-audit";
|
|
382
384
|
}
|
|
385
|
+
if (
|
|
386
|
+
/\b(?:secret audit|secrets? scan|secret exposure|credential exposure|tracked secrets?|hardcoded secrets?|private keys?|api keys?|tokens? in source)\b/.test(
|
|
387
|
+
text,
|
|
388
|
+
)
|
|
389
|
+
) {
|
|
390
|
+
return "secret-audit";
|
|
391
|
+
}
|
|
383
392
|
if (
|
|
384
393
|
/\b(?:unfamiliar repository|canonical repository root|canonical repo|map the current packages|map this repository|identify its entry points|nested directory)\b/.test(
|
|
385
394
|
text,
|
|
@@ -521,7 +530,7 @@ function classifySegment(segment, options = {}) {
|
|
|
521
530
|
}
|
|
522
531
|
if (
|
|
523
532
|
executable === "node" &&
|
|
524
|
-
!/^node\s+(?:--check\b|--test\b|scripts\/(?:validate-pack|validate-maintainer-loop|validate-adapters|validate-project-adapters|check-adapter-upgrade|check-adapter-upgrade-chain|verify-evidence-bundle|render-evidence-archive-report|render-adapter-repo-map|render-route-trace|render-env-audit|test-pack)\.mjs\b)/.test(
|
|
533
|
+
!/^node\s+(?:--check\b|--test\b|scripts\/(?:validate-pack|validate-maintainer-loop|validate-adapters|validate-project-adapters|check-adapter-upgrade|check-adapter-upgrade-chain|verify-evidence-bundle|render-evidence-archive-report|render-adapter-repo-map|render-route-trace|render-env-audit|render-secret-audit|test-pack)\.mjs\b)/.test(
|
|
525
534
|
segment,
|
|
526
535
|
)
|
|
527
536
|
) {
|
|
@@ -531,7 +540,7 @@ function classifySegment(segment, options = {}) {
|
|
|
531
540
|
["coding-agent-skills", "bin/coding-agent-skills", "./bin/coding-agent-skills"].includes(
|
|
532
541
|
executable,
|
|
533
542
|
) &&
|
|
534
|
-
!/^(?:\.\/)?(?:bin\/)?coding-agent-skills\s+(?:validate-pack|validate-project\s+\S+|repo-map\s+\S+|route-trace\s+\S+|env-audit\s+\S+|validate-adapters\s+\S+|help|--help|-h)\s*$/.test(
|
|
543
|
+
!/^(?:\.\/)?(?:bin\/)?coding-agent-skills\s+(?:validate-pack|validate-project\s+\S+|repo-map\s+\S+|route-trace\s+\S+|env-audit\s+\S+|secret-audit\s+\S+|validate-adapters\s+\S+|help|--help|-h)\s*$/.test(
|
|
535
544
|
segment,
|
|
536
545
|
)
|
|
537
546
|
) {
|