opencode-skills-antigravity 1.0.32 → 1.0.33

package/bundled-skills/conductor-implement/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: conductor-implement
 description: "Execute tasks from a track's implementation plan following TDD workflow"
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/conductor-revert/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: conductor-revert
 description: "Git-aware undo by logical work unit (track, phase, or task)"
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/conductor-validator/SKILL.md

@@ -7,7 +7,7 @@ description: 'Validates Conductor project artifacts for completeness,
   before implementation to verify project context.
 
   '
-risk: unknown
+risk: safe
 source: community
 date_added: '2026-02-27'
 ---

package/bundled-skills/confluence-automation/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: confluence-automation
 description: "Automate Confluence page creation, content search, space management, labels, and hierarchy navigation via Rube MCP (Composio). Always search tools first for current schemas."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/convertkit-automation/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: convertkit-automation
 description: "Automate ConvertKit (Kit) tasks via Rube MCP (Composio): manage subscribers, tags, broadcasts, and broadcast stats. Always search tools first for current schemas."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/create-branch/SKILL.md

@@ -2,7 +2,7 @@
 name: create-branch
 description: Create a git branch following Sentry naming conventions. Use when asked to "create a branch", "new branch", "start a branch", "make a branch", "switch to a new branch", or when starting new work on the default branch.
 argument-hint: '[optional description of the work]'
-risk: unknown
+risk: critical
 source: community
 ---
 

package/bundled-skills/data-storytelling/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: data-storytelling
 description: "Transform raw data into compelling narratives that drive decisions and inspire action."
-risk: unknown
+risk: safe
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/database-cloud-optimization-cost-optimize/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: database-cloud-optimization-cost-optimize
 description: "You are a cloud cost optimization expert specializing in reducing infrastructure expenses while maintaining performance and reliability. Analyze cloud spending, identify savings opportunities, and implement cost-effective architectures across AWS, Azure, and GCP."
-risk: unknown
+risk: safe
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/database-design/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: database-design
 description: "Database design principles and decision-making. Schema design, indexing strategy, ORM selection, serverless databases."
-risk: unknown
+risk: safe
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/datadog-automation/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: datadog-automation
 description: "Automate Datadog tasks via Rube MCP (Composio): query metrics, search logs, manage monitors/dashboards, create events and downtimes. Always search tools first for current schemas."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/dbt-transformation-patterns/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: dbt-transformation-patterns
 description: "Production-ready patterns for dbt (data build tool) including model organization, testing strategies, documentation, and incremental processing."
-risk: unknown
+risk: none
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/debugger/SKILL.md

@@ -5,7 +5,7 @@ description: 'Debugging specialist for errors, test failures, and unexpected
   behavior. Use proactively when encountering any issues.
 
   '
-risk: unknown
+risk: safe
 source: community
 date_added: '2026-02-27'
 ---

package/bundled-skills/debugging-strategies/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: debugging-strategies
 description: "Transform debugging from frustrating guesswork into systematic problem-solving with proven strategies, powerful tools, and methodical approaches."
-risk: unknown
+risk: safe
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/dependency-upgrade/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: dependency-upgrade
 description: "Master major dependency version upgrades, compatibility analysis, staged upgrade strategies, and comprehensive testing approaches."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/deployment-engineer/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: deployment-engineer
 description: Expert deployment engineer specializing in modern CI/CD pipelines, GitOps workflows, and advanced deployment automation.
-risk: unknown
+risk: critical
 source: community
 date_added: '2026-02-27'
 ---

package/bundled-skills/deployment-pipeline-design/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: deployment-pipeline-design
 description: "Architecture patterns for multi-stage CI/CD pipelines with approval gates and deployment strategies."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/deployment-procedures/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: deployment-procedures
 description: "Production deployment principles and decision-making. Safe deployment workflows, rollback strategies, and verification. Teaches thinking, not scripts."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/deployment-validation-config-validate/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: deployment-validation-config-validate
 description: "You are a configuration management expert specializing in validating, testing, and ensuring the correctness of application configurations. Create comprehensive validation schemas, implement configurat"
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/discord-automation/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: discord-automation
 description: "Automate Discord tasks via Rube MCP (Composio): messages, channels, roles, webhooks, reactions. Always search tools first for current schemas."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/distributed-tracing/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: distributed-tracing
 description: "Implement distributed tracing with Jaeger and Tempo for request flow visibility across microservices."
-risk: unknown
+risk: critical
 source: community
 date_added: "2026-02-27"
 ---

package/bundled-skills/docs/contributors/quality-bar.md

@@ -64,6 +64,8 @@ Use `npm run audit:skills` when you need a repo-wide report that goes beyond sch
 - which skills are missing examples or limitations,
 - and which skills have the highest concentration of warnings/errors.
 
+Maintainers can pair that report with `npm run sync:risk-labels` for conservative legacy cleanup. That sync only rewrites `risk: unknown` when the suggested label is explicit and high-confidence enough to automate safely, and it preserves the contributor-facing rule that new or uncertain submissions can still start as `unknown`.
+
 ---
 
 ## Support Levels
@@ -94,6 +96,7 @@ Notes:
 
 - `npm run validate` is the operational contributor gate.
 - `npm run audit:skills` is the maintainer-facing compliance/usability report for the full library.
+- `npm run sync:risk-labels` is a maintainer cleanup tool for high-confidence legacy `risk:` fixes.
 - `npm run security:docs` is required for command-heavy or risky skill content.
 - PRs that touch `SKILL.md` also get an automated `skill-review` GitHub Actions check.
 - Skill changes and risky guidance still require a manual logic review before merge, even when the automated gates pass.

package/bundled-skills/docs/maintainers/audit.md

@@ -17,7 +17,9 @@ This document summarizes the repository coherence audit performed after the `app
 ### 1. Conteggi
 
 - `README.md`, `package.json`, and generated artifacts are aligned to the current collection size.
-- `npm run sync:all` and `npm run catalog` are the canonical commands for keeping counts and generated files synchronized.
+- `npm run sync:repo-state` is the canonical maintainer command for keeping counts, generated files, contributors, and tracked web assets synchronized on local `main`.
+- `npm run sync:release-state` is the canonical release-facing variant when you want the same sync without the contributor refresh step.
+- `npm run sync:all` remains a legacy alias for the core chain, not the full maintainer sync surface.
 
 ### 2. Validazione skill
 
@@ -38,6 +40,9 @@ This document summarizes the repository coherence audit performed after the `app
   - overly long `SKILL.md` files that should probably be split into `references/`,
   - plus the existing structural/safety checks (frontmatter, risk, `When to Use`, offensive disclaimer, dangling links).
 - The report also includes a non-blocking `suggested_risk` for skills that are still marked `unknown` or appear to be misclassified, so maintainers can resolve risk classification during PR review without changing the contributor gate.
+- Added `tools/scripts/sync_risk_labels.py` (also exposed as `npm run sync:risk-labels`) for conservative legacy cleanup: it only rewrites `risk: unknown` when the suggestion is high-confidence enough to be safely automated.
+- The sync now covers explicit high-confidence `safe`, `critical`, `offensive`, and `none` patterns. When a skill is promoted to `offensive`, the sync also inserts the canonical `AUTHORIZED USE ONLY` notice so the label and content guardrail stay aligned.
+- The intended maintainer loop is: `audit:skills` to inspect `suggested_risk`, `sync:risk-labels` for the safe automated subset, then manual review for the ambiguous tail that should not be batch-classified.
 - Use `npm run audit:skills` for the maintainer view and `npm run audit:skills -- --json-out ... --markdown-out ...` when you want artifacts for triage or cleanup tracking.
 
 ### 3. Riferimenti incrociati
@@ -74,6 +79,8 @@ This document summarizes the repository coherence audit performed after the `app
 npm run validate          # validazione skill (soft)
 npm run validate:strict   # hardening / diagnostic pass
 npm run audit:skills      # audit completo per skill con finding codes e status
+npm run sync:risk-labels  # conservative sync for high-confidence legacy risk labels
+npm run sync:risk-labels -- --dry-run  # preview legacy risk rewrites before touching files
 npm run validate:references  # workflow, bundle, and docs/users/bundles.md references
 npm run security:docs       # documentation command-risk scan (required for security-sensitive guidance)
 npm run build             # chain + catalog
@@ -83,4 +90,5 @@ npm test                  # suite test
 ## Issue aperte / follow-up
 
 - Gradual cleanup of legacy skills so `npm run validate:strict` can become a hard CI gate in the future.
+- Continue reducing the remaining `risk: unknown` tail with conservative sync passes plus manual maintainer review for ambiguous cases.
 - Keep translated docs aligned in a separate pass after the canonical English docs are stable.

package/bundled-skills/docs/maintainers/ci-drift-fix.md

@@ -1,6 +1,6 @@
 # CI Drift Fix Guide
 
-**Problem**: The failing job is caused by uncommitted changes detected in `README.md`, `skills_index.json`, or catalog files after the update scripts run.
+**Problem**: The failing job is caused by tracked drift left behind after the canonical sync steps run on `main`.
 
 **Error**:
 
@@ -9,7 +9,16 @@
 ```
 
 **Cause**:
-Scripts like `tools/scripts/generate_index.py`, `tools/scripts/update_readme.py`, and `tools/scripts/build-catalog.js` modify `README.md`, `skills_index.json`, `data/catalog.json`, `data/bundles.json`, `data/aliases.json`, and `CATALOG.md`. The workflow expects these files to have no changes after the scripts run. Any differences mean the committed repo is out-of-sync with what the generation scripts produce.
+The canonical sync contract is broader than just the root registry files. Scripts such as `generate_index.py`, `update_readme.py`, `build-catalog.js`, `setup_web.js`, and plugin sync helpers can legitimately update:
+
+- `README.md`
+- `CATALOG.md`
+- `skills_index.json`
+- `data/*.json`
+- tracked web assets under `apps/web-app/public/`
+- generated plugin metadata and plugin-safe copies
+
+The workflow expects the repository to be clean after those sync steps finish. Any remaining tracked or unmanaged changes mean `main` is out of sync with what the generation pipeline actually produces.
 
 ## Pull Requests vs Main
 
@@ -18,32 +27,36 @@ Scripts like `tools/scripts/generate_index.py`, `tools/scripts/update_readme.py`
 
 ## How to Fix on `main`
 
-1. Run the **FULL Validation Chain** locally:
+1. Run the canonical maintainer sync locally:
 
    ```bash
-   npm run chain
-   npm run catalog
+   npm run sync:repo-state
    ```
 
-2. Check for changes:
+2. Check whether anything is still dirty:
 
    ```bash
    git status
    git diff
    ```
 
-3. Commit and push any updates:
+3. If the sync produced only canonical/generated changes, stage and commit them. Prefer the generated-files contract instead of a hand-maintained file list:
+
    ```bash
-   git add README.md skills_index.json data/skills_index.json data/catalog.json data/bundles.json data/aliases.json CATALOG.md
-   git commit -m "chore: sync generated registry files"
+   node tools/scripts/generated_files.js --include-mixed
+   git add $(node tools/scripts/generated_files.js --include-mixed)
+   git commit -m "chore: sync canonical artifacts"
    git push
    ```
 
+4. If `sync:repo-state` leaves unrelated or unmanaged drift, stop and inspect it. The bot on `main` is only allowed to push the canonical/generated subset; anything else should fail the workflow instead of being silently auto-committed.
+
 ## Maintainer guidance for PRs
 
 - Validate the source change, not the absence of committed generated artifacts.
 - If a contributor PR includes direct edits to `CATALOG.md`, `skills_index.json`, or `data/*.json`, ask them to drop those files from the PR or remove them while refreshing the branch.
 - If merge conflicts touch generated registry files, keep `main`'s version for those files and let `main` auto-sync the final generated artifact set after merge.
+- If CI on `main` later creates a bot commit with `[ci skip]`, that is expected only for the canonical/generated subset. It is not a license to push arbitrary extra drift.
 
 **Summary**:
 Use generator drift as a hard failure only on `main`. On PRs, the contract is simpler: source-only changes are reviewed, generated output is previewed, and `main` produces the final canonical artifact set.

package/bundled-skills/docs/maintainers/merging-prs.md

@@ -8,6 +8,7 @@
 - The PR must show as **Merged**, not Closed. That way the contributor appears in the repo’s contribution graph and the PR is clearly linked to the merge commit.
 - Do **not** integrate a PR by squashing locally, pushing to `main`, and then closing the PR. That would show "Closed" and the contributor would not get proper credit.
 - Before merging, require the normal PR checks from [`.github/workflows/ci.yml`](../../.github/workflows/ci.yml) to be green. If the PR touches `SKILL.md`, also require the separate [`skill-review` workflow](../../.github/workflows/skill-review.yml) to pass.
+- For PRs that touch `SKILL.md` or risky guidance, require a real manual logic review in addition to the automated checks. Confirm the instructions, failure modes, and `risk:` label make sense before merging.
 
 ## If the PR has merge conflicts
 
@@ -19,6 +20,7 @@ Resolve conflicts **on the PR branch** so the PR becomes mergeable, then use "Sq
 - `README.md` is mixed ownership: contributor prose edits are allowed, but workflow-managed metadata is canonicalized on `main`.
 - If derived files appear in a PR refresh or merge conflict, prefer **`main`'s side** and remove them from the PR branch instead of hand-maintaining them there.
 - Do not block a PR only because shared generated files would be regenerated differently after other merges. `main` auto-syncs the final state after merge.
+- If a skill PR leaves `risk: unknown`, that is not automatically a blocker. Maintainers can review the suggested classification with `npm run audit:skills`, optionally run `npm run sync:risk-labels` locally after merge, and still keep the contributor PR source-only.
 
 ### Steps (maintainer resolves conflicts on the contributor’s branch)
 

package/bundled-skills/docs/maintainers/release-process.md

@@ -17,7 +17,13 @@ This is the maintainer playbook for cutting a repository release. Historical rel
 npm run release:preflight
 ```
 
-This preflight now runs the deterministic `sync:release-state` flow, refreshes the tracked web assets in `apps/web-app/public`, executes the local test suite, runs the web-app build, and performs `npm pack --dry-run --json` so release tags are validated against the same artifact path used later in CI.
+This preflight now runs the deterministic `sync:release-state` flow, refreshes the tracked web assets in `apps/web-app/public`, executes the local test suite, installs the web-app dependencies, runs the web-app build, and performs `npm pack --dry-run --json` so release tags are validated against the same artifact path used later in CI.
+
+The active CI/release contract also expects:
+
+- Python dependencies to come from `tools/requirements.txt`,
+- the web app coverage job (`npm run app:test:coverage`) to stay green,
+- and `npm run security:docs` to pass without relying on non-blocking audit warnings.
 
 2. Mandatory documentation hardening (repo-wide SKILL.md security scan):
 
@@ -41,6 +47,7 @@ Use this as a diagnostic signal. It is useful for spotting legacy quality debt,
 - Confirm `README.md` reflects the current version and generated counts.
 - Confirm Credits & Sources, contributors, and support links are still correct.
 - If PR or CI workflow behavior changed during the cycle, confirm maintainer and contributor docs mention the active checks (for example the `skill-review` workflow for `SKILL.md` pull requests).
+- If maintainers used `npm run sync:risk-labels` or a comparable cleanup flow during the cycle, make sure the maintainer docs still describe the current audit -> sync -> repo-state loop.
 
 5. Prepare the release commit and tag locally:
 
@@ -73,7 +80,7 @@ npm publish
 ```
 
 Normally this still happens via the existing GitHub release workflow after the GitHub release is published.
-That workflow now reruns `sync:release-state`, refreshes tracked web assets, fails on canonical drift via `git diff --exit-code`, executes tests and docs security checks, builds the web app, and dry-runs the npm package before `npm publish`.
+That workflow now reruns `sync:release-state`, installs Python dependencies from `tools/requirements.txt`, refreshes tracked web assets, fails on canonical drift via `git diff --exit-code`, executes tests and docs security checks, runs the web-app coverage gate, enforces `npm audit --audit-level=high`, builds the web app, and dry-runs the npm package before `npm publish`.
 
 ## Canonical Sync Bot
 
@@ -81,6 +88,7 @@ That workflow now reruns `sync:release-state`, refreshes tracked web assets, fai
 
 - PRs stay source-only.
 - After merge, the `main` workflow may commit generated canonical files directly to `main` with `[ci skip]`.
+- Those bot commits still skip CI, so the sync contract must stay narrow and predictable: only canonical/generated files may be staged, and any unmanaged drift must fail the workflow instead of being silently pushed.
 - The bot commit is only allowed to stage files resolved from `tools/scripts/generated_files.js --include-mixed`.
 - If repo-state sync leaves any unmanaged tracked or untracked drift, the workflow fails instead of pushing a partial fix.
 - The scheduled hygiene workflow follows the same contract and shares the same concurrency group so only one canonical sync writer runs at a time.

package/bundled-skills/docs/maintainers/security-findings-triage-2026-03-15.md

@@ -1,5 +1,7 @@
 # Security Findings Triage (2026-03-15)
 
+Maintainer note: later fixes changed the status of several findings after this baseline snapshot. Use [`security-findings-triage-2026-03-29-refresh.md`](security-findings-triage-2026-03-29-refresh.md) as the current source of truth, and keep this file as the historical baseline snapshot.
+
 - Baseline: `origin/main@226f10c2a62fc182b4e93458bddea2e60f9b0cb9`
 - Input CSV was treated as triage input only, not as ground truth.
 - Status meanings: `still present and exploitable`, `still present but low practical risk`, `obsolete/not reproducible on current HEAD`, `duplicate of another finding`.

package/bundled-skills/docs/maintainers/security-findings-triage-2026-03-29-addendum.md

@@ -0,0 +1,48 @@
+# Security Findings Triage Addendum (2026-03-29)
+
+This addendum updates the 2026-03-15 baseline after the follow-up hardening
+work shipped on `main`.
+
+For the full current-head re-triage, use
+[`security-findings-triage-2026-03-29-refresh.md`](security-findings-triage-2026-03-29-refresh.md).
+
+## Corrected / Updated Findings
+
+- Finding `1` / `7` (`tools/scripts/sync_microsoft_skills.py`)
+  The Microsoft sync path now constrains filesystem writes and copied inputs to
+  safe in-repo targets. The plugin-skill discovery path also skips symlinked
+  `SKILL.md` files instead of trusting them. Regression coverage lives in
+  `tools/scripts/tests/test_sync_microsoft_skills_security.py`.
+
+- Finding `18` / `29` (`tools/scripts/validate_skills.py`,
+  `tools/scripts/generate_index.py`)
+  Frontmatter parsing now rejects non-mapping YAML payloads cleanly and handles
+  empty/frontmatter-edge cases without crashing downstream validation or index
+  generation. Regression coverage lives in
+  `tools/scripts/tests/test_frontmatter_parsing_security.py`.
+
+- Finding `19`
+  The web app no longer exposes shared frontend writes for skill saves/stars by
+  default. The current behavior is browser-local save state with optional
+  read-only remote counts, so the old "anonymous Supabase writes allow skill
+  star tampering" assessment is no longer the active behavior on current HEAD.
+
+- Findings `16` / `17`
+  The `refresh-skills` plugin remains a local development surface, but the
+  published GitHub Pages app now runs in static public-catalog mode and does not
+  expose the maintainer sync CTA in production. Treat the residual plugin logic
+  as local dev hardening scope, not a public production endpoint.
+
+- Finding `33`
+  The Office unpack helpers no longer call `extractall()` blindly. They now
+  validate archive member paths and reject traversal/symlink-style entries
+  before extraction. Regression coverage lives in
+  `tools/scripts/tests/test_office_unpack_security.py`.
+
+## Maintainer Guidance
+
+- Keep the 2026-03-15 file as the historical baseline snapshot.
+- Use this addendum plus the newer regression tests when deciding which
+  findings are still actionable on current HEAD.
+- If a future triage refresh is produced, fold these corrections into the next
+  full summary instead of re-copying the original counts unchanged.

package/bundled-skills/docs/maintainers/security-findings-triage-2026-03-29-refresh.md

@@ -0,0 +1,84 @@
+# Security Findings Re-Triage (2026-03-29)
+
+This document is the current-head refresh of the historical
+[`security-findings-triage-2026-03-15.md`](security-findings-triage-2026-03-15.md)
+baseline.
+
+- Baseline snapshot: `origin/main@226f10c2a62fc182b4e93458bddea2e60f9b0cb9`
+- Current verification target: `main@d63d99381b8f613f99c8cb7b758e7879b401f8a0`
+- The 2026-03-15 markdown file and CSV remain useful as historical input, not
+  as the current source of truth.
+- Status meanings are unchanged:
+  `still present and exploitable`, `still present but low practical risk`,
+  `obsolete/not reproducible on current HEAD`, `duplicate of another finding`.
+
+## Summary On Current HEAD
+
+- still present and exploitable: 0
+- still present but low practical risk: 0
+- obsolete/not reproducible on current HEAD: 26
+- duplicate of another finding: 7
+
+## High-Level Outcome
+
+The 2026-03-15 finding set no longer contains a currently reproduced open
+security issue on `main`.
+
+The biggest shifts since the original baseline are:
+
+- filesystem/symlink hardening in `setup_web.js`, `install.js`,
+  `sync_microsoft_skills.py`, `generate_index.py`, `fix_skills_metadata.py`,
+  and `skill-utils.js`
+- removal of shared frontend writes for skill saves/stars
+- parser hardening for non-mapping YAML frontmatter
+- secure extraction in the Office unpack helpers
+- migration of predictable `/tmp` state files into user-owned state
+  directories
+- documentation hardening for risky command guidance
+
+## Detailed Findings
+
+| # | Current Status | Current HEAD Rationale | Evidence |
+|---|---|---|---|
+| 1 | obsolete/not reproducible on current HEAD | `sync_microsoft_skills.py` now sanitizes flat names and constrains delete/copy targets to safe in-repo paths. | `tools/scripts/sync_microsoft_skills.py`, `tools/scripts/tests/test_sync_microsoft_skills_security.py` |
+| 2 | obsolete/not reproducible on current HEAD | `SkillDetail.tsx` still renders markdown without `rehype-raw`; the reported stored-XSS path does not reproduce. | `apps/web-app/src/pages/SkillDetail.tsx` |
+| 3 | obsolete/not reproducible on current HEAD | `setup_web.js` now uses `lstatSync` plus `resolveSafeRealPath()` and skips out-of-root symlinks instead of dereferencing them into public assets. | `tools/scripts/setup_web.js`, `tools/scripts/tests/copy_security.test.js` |
+| 4 | obsolete/not reproducible on current HEAD | The Apify skill no longer recommends pipe-to-shell installs or token-on-command-line login; the risky documentation pattern was removed. | `skills/apify-actorization/SKILL.md` |
+| 5 | duplicate of another finding | Still the same root cause/fix area as finding `3`. | `tools/scripts/setup_web.js` |
+| 6 | duplicate of another finding | Still the same root cause/fix area as finding `3`. | `tools/scripts/setup_web.js` |
+| 7 | obsolete/not reproducible on current HEAD | Microsoft sync now rejects unsafe symlink targets and only accepts safe regular files that stay within the cloned source root. | `tools/scripts/sync_microsoft_skills.py`, `tools/scripts/tests/test_sync_microsoft_skills_security.py` |
+| 8 | duplicate of another finding | Still the same root cause/fix area as finding `7`. | `tools/scripts/sync_microsoft_skills.py` |
+| 9 | obsolete/not reproducible on current HEAD | The tracked `__pycache__` artifacts are absent on current `main`, and repo hygiene tests explicitly fail if they reappear. | `tools/scripts/tests/repo_hygiene_security.test.js` |
+| 10 | obsolete/not reproducible on current HEAD | `generate_index.py` now ignores symlinked `SKILL.md` files instead of reading them during index generation. | `tools/scripts/generate_index.py`, `tools/scripts/tests/test_frontmatter_parsing_security.py` |
+| 11 | obsolete/not reproducible on current HEAD | The Jetski loader rejects symlinked skill directories/files and refuses any resolved `SKILL.md` outside the configured skills root. | `docs/integrations/jetski-gemini-loader/loader.mjs`, `tools/scripts/tests/jetski_gemini_loader.test.cjs` |
+| 12 | obsolete/not reproducible on current HEAD | TLS verification is enabled by default again; insecure behavior now requires an explicit opt-out environment flag. | `skills/junta-leiloeiros/scripts/scraper/base_scraper.py`, `skills/junta-leiloeiros/scripts/web_scraper_fallback.py` |
+| 13 | obsolete/not reproducible on current HEAD | The old bundle-category omission path still does not drive shipped bundle output; current bundles come from `build-catalog.js`. | `tools/scripts/build-catalog.js`, `data/bundles.json` |
+| 14 | obsolete/not reproducible on current HEAD | The malformed `--- Unknown` frontmatter regression is no longer present in `alpha-vantage`. | `skills/alpha-vantage/SKILL.md`, `tools/scripts/tests/repo_hygiene_security.test.js` |
+| 15 | obsolete/not reproducible on current HEAD | `ws_listener.py` now defaults to a user-owned state directory and uses secure file creation instead of predictable shared `/tmp` output files. | `skills/videodb/scripts/ws_listener.py`, `tools/scripts/tests/local_temp_safety.test.js` |
+| 16 | obsolete/not reproducible on current HEAD | `refresh-skills-plugin.js` now resolves real paths under the skills root before serving `/skills/*`; the public Pages app also no longer exposes the maintainer sync surface. | `apps/web-app/refresh-skills-plugin.js`, `README.md`, `apps/web-app/README.md` |
+| 17 | duplicate of another finding | Still the same root cause/fix area as finding `16`. | `apps/web-app/refresh-skills-plugin.js` |
+| 18 | obsolete/not reproducible on current HEAD | `validate_skills.py` now rejects non-mapping YAML frontmatter cleanly instead of crashing downstream validation. | `tools/scripts/validate_skills.py`, `tools/scripts/tests/test_frontmatter_parsing_security.py` |
+| 19 | obsolete/not reproducible on current HEAD | `useSkillStars` now stores saves locally in the browser and no longer performs shared frontend writes through the public Supabase client. | `apps/web-app/src/hooks/useSkillStars.ts`, `apps/web-app/src/lib/supabase.ts` |
+| 20 | obsolete/not reproducible on current HEAD | `fix_skills_metadata.py` now skips symlinked `SKILL.md` files and non-mapping frontmatter instead of rewriting arbitrary targets. | `tools/scripts/fix_skills_metadata.py` |
+| 21 | obsolete/not reproducible on current HEAD | `install.js` now uses `lstatSync` plus `resolveSafeRealPath()` and skips symlinks that resolve outside the cloned repo root. | `tools/bin/install.js`, `tools/scripts/tests/copy_security.test.js` |
+| 22 | duplicate of another finding | Still the same root cause/fix area as finding `21`. | `tools/bin/install.js` |
+| 23 | duplicate of another finding | Still the same root cause/fix area as finding `1`. | `tools/scripts/sync_microsoft_skills.py` |
+| 24 | obsolete/not reproducible on current HEAD | The audio transcription example now uses a quoted heredoc and passes values via environment variables instead of interpolating them into Python source. | `skills/audio-transcriber/examples/basic-transcription.sh` |
+| 25 | obsolete/not reproducible on current HEAD | The claimed recursive symlink traversal in catalog discovery still does not reproduce on current code paths. | `tools/lib/skill-utils.js`, `tools/scripts/build-catalog.js` |
+| 26 | obsolete/not reproducible on current HEAD | Root `skills_index.json` remains the canonical generated index, so the reported release-script path mismatch does not reproduce as a defect. | `tools/scripts/generate_index.py`, `tools/scripts/update_readme.py`, `tools/scripts/release_workflow.js` |
+| 27 | obsolete/not reproducible on current HEAD | `skill-utils.js` now relies on `lstatSync`-based safe directory/file discovery, so normalization does not treat symlinked skill folders as writable local skills. | `tools/lib/skill-utils.js`, `tools/scripts/normalize-frontmatter.js` |
+| 28 | obsolete/not reproducible on current HEAD | The `last30days` skill still passes `"$ARGUMENTS"` as a quoted value into a temp file, so the reported direct shell-injection sink does not reproduce from current text. | `skills/last30days/SKILL.md` |
+| 29 | duplicate of another finding | Still the same root cause/fix area as finding `18`. | `tools/scripts/generate_index.py`, `tools/scripts/validate_skills.py` |
+| 30 | obsolete/not reproducible on current HEAD | The strategic compact hook now stores state under `XDG_STATE_HOME` instead of predictable shared `/tmp` paths. | `skills/cc-skill-strategic-compact/suggest-compact.sh`, `tools/scripts/tests/local_temp_safety.test.js` |
+| 31 | obsolete/not reproducible on current HEAD | `sync_recommended_skills.sh` now preserves symlinks with `cp -RP` and avoids the destructive glob-delete pattern called out in the original report. | `tools/scripts/sync_recommended_skills.sh`, `tools/scripts/tests/repo_hygiene_security.test.js` |
+| 32 | obsolete/not reproducible on current HEAD | `skills_manager.py` now resolves candidate paths relative to the intended base directory and rejects traversal attempts. | `tools/scripts/skills_manager.py`, `tools/scripts/tests/test_skills_manager_security.py` |
+| 33 | obsolete/not reproducible on current HEAD | The Office unpack helpers now validate archive members and reject traversal/symlink-style entries before extraction. | `skills/docx-official/ooxml/scripts/unpack.py`, `skills/pptx-official/ooxml/scripts/unpack.py`, `tools/scripts/tests/test_office_unpack_security.py` |
+
+## Maintainer Notes
+
+- Keep the 2026-03-15 markdown file and CSV as the historical baseline record.
+- Keep the 2026-03-29 addendum as the intermediate transition note.
+- Use this refresh when answering “what is still open right now?” for the
+  original 2026-03-15 finding set.
+- If new findings are discovered later, start a fresh triage cycle rather than
+  mutating the historical baseline counts again.

package/bundled-skills/docs/users/faq.md

@@ -81,6 +81,13 @@ For a concrete example (including pseudo‑code) see:
 
 The skill files themselves are stored locally on your computer, but your AI assistant needs an internet connection to function.
 
+### Does the hosted web app write anything back to the repository?
+
+No. The public site is a static GitHub Pages deploy.
+
+- The maintainer `Sync Skills` flow is local-development only and is not a public production endpoint.
+- Browser save/star interactions are intentionally local-first for now. Until the project has a real backend contract, treat them as browser-local state rather than shared repository writes.
+
 ---
 
 ## Security & Trust
@@ -123,6 +130,8 @@ If you get a 404 from npm, use: `npx github:sickn33/antigravity-awesome-skills`
 git clone https://github.com/sickn33/antigravity-awesome-skills.git .agent/skills
 ```
 
+The installer CLI is the recommended path for most users because it performs a lighter shallow clone of the current library. Manual `git clone` is still the right option when you want the full repository history or plan to contribute from the same checkout.
+
 **Tool-specific paths:**
 
 - Claude Code: `.claude/skills/`
@@ -148,6 +157,28 @@ This repository also includes repo-local plugin metadata for Codex:
 
 That path exposes the new plugin-safe Codex root plugin plus generated bundle plugins. For the full explanation, read [plugins.md](plugins.md).
 
+### Why do I not see `Sync Skills` on the hosted website?
+
+Because the public site is a static GitHub Pages catalog, not a maintainer control surface.
+
+`Sync Skills` is only meant for local maintainer/development runs behind the Vite dev server, and it stays hidden unless the local environment explicitly enables it.
+
+### What does `Public catalog mode` mean?
+
+It means you are looking at the published static catalog build.
+
+In that mode:
+
+- catalog browsing and skill detail pages work normally
+- dev-only `/api/refresh-skills` behavior is not available
+- anything that would require a backend or mutable server state is intentionally disabled or reduced to local-only behavior
+
+### Are saves/stars global or just local?
+
+Right now they are local to your browser.
+
+The app may show optional read-only community counts when configured, but clicking save/star does not create a shared server-side vote. Until the project ships a real backend write contract with abuse controls, treat saves as a personal local bookmark signal.
+
 ### What does `plugin-safe` mean?
 
 Plugin-safe means the published Claude Code and Codex plugins only include the subset of skills that is ready for marketplace-style distribution.

package/bundled-skills/docs/users/getting-started.md

@@ -33,6 +33,7 @@ npx antigravity-awesome-skills
 ```
 
 This clones to `~/.gemini/antigravity/skills` by default. Use `--cursor`, `--claude`, `--gemini`, `--codex`, or `--kiro` to install for a specific tool, or `--path <dir>` for a custom location. Run `npx antigravity-awesome-skills --help` for details.
+The installer uses a shallow clone by default so you get the current library without paying for the full git history on first install.
 
 If you see a 404 error, use: `npx github:sickn33/antigravity-awesome-skills`
 
@@ -116,11 +117,13 @@ Once installed, just talk to your AI naturally.
 
 We classify skills so you know what you're running:
 
-- 🟣 **Official**: Maintained by Anthropic/Google/Vendors (High Trust).
-- 🔵 **Safe**: Community skills that are non-destructive (Read-only/Planning).
-- 🔴 **Risk**: Skills that modify systems or perform security tests (Authorized Use Only).
+- ⚪ **unknown**: legacy/unclassified content that still needs maintainer triage.
+- 🟢 **none**: pure text/reasoning guidance.
+- 🔵 **safe**: read-only or low-risk operational guidance.
+- 🟠 **critical**: state-changing or deployment-impacting guidance.
+- 🔴 **offensive**: pentest/red-team guidance with an explicit Authorized Use Only warning.
 
-When adding new skills, high-risk guidance is extra-reviewed with repository-wide `security:docs` scanning before release.
+Community PRs may still submit `risk: unknown`, but maintainers now audit and progressively reconcile those labels using the repo-wide audit/report tooling. High-risk guidance is extra-reviewed with repository-wide `security:docs` scanning before release.
 
 _Check the [Skill Catalog](../../CATALOG.md) for the full list._
 

package/bundled-skills/documentation-generation-doc-generate/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: documentation-generation-doc-generate
 description: "You are a documentation expert specializing in creating comprehensive, maintainable documentation from code. Generate API docs, architecture diagrams, user guides, and technical references using AI-powered analysis and industry best practices."
-risk: unknown
+risk: safe
 source: community
 date_added: "2026-02-27"
 ---