guardskills 0.1.0-alpha.2 → 0.1.0-alpha.3
- package/README.md +20 -0
- package/SECURITY.md +7 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -23,6 +23,14 @@ npx guardskills add https://github.com/vercel-labs/skills --skill find-skills
|
|
|
23
23
|
3. Computes a risk decision (`SAFE`, `WARNING`, `UNSAFE`, `CRITICAL`, `UNVERIFIABLE`).
|
|
24
24
|
4. Proceeds to `npx skills add ...` only if gate policy allows.
|
|
25
25
|
|
|
26
|
+
## Security Notice
|
|
27
|
+
|
|
28
|
+
`guardskills` is an additional security layer on top of `skills.sh`, not a replacement for your own review process.
|
|
29
|
+
|
|
30
|
+
- `guardskills` does not maintain, control, or guarantee the safety of `skills.sh` or third-party skill repositories.
|
|
31
|
+
- Static analysis reduces risk but cannot detect every threat.
|
|
32
|
+
- A `SAFE` result means "no known high-risk pattern detected," not "guaranteed safe."
|
|
33
|
+
|
|
26
34
|
## Current Readiness
|
|
27
35
|
|
|
28
36
|
- Current stage: **beta-quality**.
|
|
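Review bot: The new Security Notice defines only `SAFE`, while step 3 directly above it lists five outcomes (`SAFE`, `WARNING`, `UNSAFE`, `CRITICAL`, `UNVERIFIABLE`). Please also say how `WARNING` and `UNVERIFIABLE` should be read, since those are the results where a user most needs guidance on whether to proceed. Separately, the unchanged context line "Current stage: **beta-quality**" sits in a package versioned 0.1.0-alpha.3, so the readiness label and the version string disagree; align one with the other.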
@@ -105,6 +113,18 @@ guardskills add owner/repo --skill name \
|
|
|
105
113
|
--max-total-files 120
|
|
106
114
|
```
|
|
107
115
|
|
|
116
|
+
## Local Check (Folder on Disk)
|
|
117
|
+
|
|
118
|
+
Current CLI release supports GitHub sources directly (`guardskills add <repo>`).
|
|
119
|
+
If you have a local skill folder, you can run the scanner manually:
|
|
120
|
+
|
|
121
|
+
```powershell
|
|
122
|
+
$env:SKILL_DIR = "C:/path/to/your/local-skill-folder"
|
|
123
|
+
npx tsx --eval "import fs from 'node:fs'; import path from 'node:path'; import { scanResolvedSkill } from './src/scanner/scan.ts'; import { calculateRiskScore } from './src/scoring/engine.ts'; const root=process.env.SKILL_DIR; if(!root){throw new Error('SKILL_DIR missing')} const files=[]; const walk=(d)=>{for(const e of fs.readdirSync(d,{withFileTypes:true})){const p=path.join(d,e.name); if(e.isDirectory()) walk(p); else files.push({path:path.relative(root,p).replace(/\\\\/g,'/'),content:fs.readFileSync(p,'utf8')});}}; walk(root); const scan=scanResolvedSkill({source:'local',owner:'local',repo:'local',defaultBranch:'local',commitSha:'local',skillName:path.basename(root),skillDir:root,skillFilePath:'SKILL.md',files,unverifiableReasons:[]}); const decision=calculateRiskScore(scan.findings,{hasUnverifiableContent:scan.hasUnverifiableContent,strict:false,trustCredits:0}); console.log(JSON.stringify({level:decision.level,riskScore:decision.riskScore,findings:scan.findings},null,2));"
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
If the path is wrong, PowerShell returns an error before scan starts.
|
|
127
|
+
|
|
108
128
|
## Configuration File
|
|
109
129
|
|
|
110
130
|
`guardskills` supports repository-local policy and default settings via `guardskills.config.json`.
|
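Review bot: The one-liner in "Local Check" imports `./src/scanner/scan.ts` and `./src/scoring/engine.ts` by relative path, so it only works from the root of a guardskills source checkout, and the section does not say so. State the required working directory, or expose a local-path option in the CLI. The closing sentence is also inaccurate as written: `$env:SKILL_DIR = ...` accepts any string, so a wrong path is not rejected by PowerShell; the failure would come later from `fs.readdirSync` inside the Node script. Two behaviours are worth documenting or fixing. First, every file is read with `readFileSync(p,'utf8')`, `unverifiableReasons` is hardcoded to `[]`, and there is no counterpart to `--max-total-files`, so the manual path may be more lenient than `guardskills add`. Second, backslash is not an escape character inside a PowerShell double-quoted string, so `/\\\\/g` reaches Node unchanged and matches two consecutive backslashes rather than one, which leaves Windows path separators unnormalized.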
package/SECURITY.md
CHANGED
|
@@ -31,4 +31,10 @@ In scope:
|
|
|
31
31
|
Out of scope:
|
|
32
32
|
|
|
33
33
|
- vulnerabilities in third-party skill repositories themselves
|
|
34
|
-
- social engineering reports without technical exploit details
|
|
34
|
+
- social engineering reports without technical exploit details
|
|
35
|
+
|
|
36
|
+
## Limitations
|
|
37
|
+
|
|
38
|
+
- `guardskills` is an additional security control layer and not a guarantee of safety.
|
|
39
|
+
- We do not maintain or control `skills.sh` or third-party skill repositories.
|
|
40
|
+
- Scanner-based detection can miss novel or heavily obfuscated malware.
|
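Review bot: The new "Limitations" section says the scanner "can miss novel or heavily obfuscated malware" but does not tell reporters whether a detection bypass is itself a reportable issue. Since it is appended right after the "Out of scope:" list, a reader can take it as more exclusions; add one line stating whether scanner false negatives are in scope, or move the section ahead of the scope lists. The removed and added line 34 render identically here, which suggests a whitespace or end-of-file newline change only; no action needed if so. The wording overlaps the README "Security Notice" added in the same release, so consider keeping one canonical text and linking to it so the two do not drift.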