opencode-skills-collection 3.1.4 → 3.1.5

package/bundled-skills/.antigravity-install-manifest.json

@@ -1,6 +1,6 @@
 {
   "schemaVersion": 1,
-  "updatedAt": "2026-06-23T02:01:07.659Z",
+  "updatedAt": "2026-06-24T02:01:40.611Z",
   "entries": [
     "00-andruia-consultant",
     "007",

package/bundled-skills/007/scripts/full_audit.py

@@ -853,10 +853,17 @@ def _generate_markdown_report(
         lines.append("")
         lines.append("| Check | Status | Details | Scanner |")
         lines.append("|-------|--------|---------|---------|")
+        def format_status(status: str) -> str:
+            if status == "PASS":
+                return "[PASS]"
+            if status == "WARN":
+                return "[WARN]"
+            if status == "FAIL":
+                return "[FAIL]"
+            return status
+
         for item in p3.get("checklist", []):
-            status_icon = {"PASS": "[PASS]", "WARN": "[WARN]", "FAIL": "[FAIL]"}.get(
-                item["status"], item["status"]
-            )
+            status_icon = format_status(item["status"])
             lines.append(
                 f"| {item['check']} | {status_icon} | {item['details']} | {item['scanner']} |"
             )

package/bundled-skills/2slides-ppt-generator/requirements.txt

@@ -1 +1,3 @@
-requests>=2.31.0
+requests>=2.33.0
+urllib3>=2.7.0
+idna>=3.15

package/bundled-skills/2slides-ppt-generator/scripts/download_slides_pages_voices.py

@@ -8,11 +8,33 @@ import os
 import sys
 import json
 import argparse
+import ipaddress
+import re
+import socket
 import requests
+from urllib.parse import urlparse
 from typing import Optional, Dict, Any
 
 
 API_BASE_URL = "https://2slides.com/api/v1"
+JOB_ID_RE = re.compile(r"^[A-Za-z0-9_-]+$")
+
+
+def validate_job_id(job_id: str) -> str:
+    if not JOB_ID_RE.match(job_id or ""):
+        raise ValueError("Job ID contains unsupported characters")
+    return job_id
+
+
+def validate_public_https_url(url: str) -> str:
+    parsed = urlparse(url)
+    if parsed.scheme != "https" or not parsed.hostname:
+        raise ValueError("Download URL must be HTTPS")
+    for info in socket.getaddrinfo(parsed.hostname, None):
+        ip = ipaddress.ip_address(info[4][0])
+        if ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved:
+            raise ValueError("Download URL resolves to a non-public address")
+    return url
 
 
 def get_api_key() -> str:
@@ -51,6 +73,7 @@ def download_slides_pages_voices(
     """
     if api_key is None:
         api_key = get_api_key()
+    job_id = validate_job_id(job_id)
 
     headers = {
         "Authorization": f"Bearer {api_key}",
@@ -83,6 +106,7 @@ def download_slides_pages_voices(
     download_url = data.get("downloadUrl")
     if not download_url:
         raise ValueError("No download URL in response")
+    download_url = validate_public_https_url(download_url)
 
     # Optional: log additional info
     file_name = data.get("fileName", "unknown.zip")

package/bundled-skills/2slides-ppt-generator/scripts/get_job_status.py

@@ -7,11 +7,27 @@ import os
 import sys
 import json
 import argparse
+import re
 import requests
+from urllib.parse import urlparse
 from typing import Optional, Dict, Any
 
 
 API_BASE_URL = "https://2slides.com/api/v1"
+JOB_ID_RE = re.compile(r"^[A-Za-z0-9_-]+$")
+
+
+def validate_job_id(job_id: str) -> str:
+    if not JOB_ID_RE.match(job_id or ""):
+        raise ValueError("Job ID contains unsupported characters")
+    return job_id
+
+
+def validate_api_url(url: str) -> str:
+    parsed = urlparse(url)
+    if parsed.scheme != "https" or parsed.hostname != "2slides.com" or not parsed.path.startswith("/api/v1/jobs/"):
+        raise ValueError("Refusing unsafe 2slides API URL")
+    return url
 
 
 def get_api_key() -> str:
@@ -41,13 +57,14 @@ def get_job_status(
     """
     if api_key is None:
         api_key = get_api_key()
+    job_id = validate_job_id(job_id)
 
     headers = {
         "Authorization": f"Bearer {api_key}",
         "Content-Type": "application/json"
     }
 
-    url = f"{API_BASE_URL}/jobs/{job_id}"
+    url = validate_api_url(f"{API_BASE_URL}/jobs/{job_id}")
 
     print(f"Checking job status: {job_id}...", file=sys.stderr)
     response = requests.get(url, headers=headers)

package/bundled-skills/agent-creator/SKILL.md

@@ -4,6 +4,10 @@ description: "Create custom AI subagents with proper plugin structure, persona g
 risk: critical
 source: community
 date_added: "2026-06-20"
+plugin:
+  targets:
+    codex: blocked
+    claude: blocked
 ---
 
 # Agent Creator
@@ -37,6 +41,13 @@ If the user wants the agent inside an **existing plugin**, add the agent folder
 to that plugin's `agents/` directory. If no plugin is specified, create a new
 plugin named `<agent-name>-plugin`.
 
+Before creating any path, validate both `<agent-name>` and `<plugin-name>`:
+
+- accept only lowercase letters, numbers, and single hyphens: `^[a-z0-9]+(-[a-z0-9]+)*$`
+- reject `/`, `\`, `.`, `..`, absolute paths, whitespace, shell metacharacters, and YAML metacharacters
+- resolve the final target path and verify it stays under `<appDataDir>\config\plugins\`
+- stop and ask for a safe replacement instead of sanitizing a suspicious name silently
+
 ## Workflow
 
 Follow these steps in order. Do NOT skip the interview — even a one-line
@@ -124,7 +135,7 @@ Write the `<agent-name>.md` file in the `agents/` folder following this exact st
 ---
 name: <agent-name>
 description: <One-line summary of what this agent does.>
-tools: ["Read", "Grep", "Glob", "Bash"]
+tools: ["Read", "Grep", "Glob"]
 model: <current-model>
 ---
 
@@ -160,6 +171,9 @@ model: <current-model>
 <A checklist the agent should mentally run through before returning its response, to ensure quality.>
 ```
 
+Grant `Bash` only when the user explicitly asks for command execution and the
+agent's task genuinely needs it. Keep the default tool set read-only.
+
 ### Step 6: Write the companion routing skill (if requested)
 
 Create a `SKILL.md` inside `skills/use-<agent-name>/` that tells the main

package/bundled-skills/agent-orchestrator/scripts/scan_registry.py

@@ -132,9 +132,9 @@ CAPABILITY_MAP = {
 
 # ── Utility Functions ──────────────────────────────────────────────────────
 
-def md5_file(path: Path) -> str:
-    """Compute MD5 hash of a file."""
-    h = hashlib.md5()
+def sha256_file(path: Path) -> str:
+    """Compute SHA-256 hash of a file."""
+    h = hashlib.sha256()
     with open(path, "rb") as f:
         for chunk in iter(lambda: f.read(8192), b""):
             h.update(chunk)
@@ -382,7 +382,7 @@ def scan(force: bool = False) -> dict:
     changed = False
 
     for path_str, path_obj in current_paths.items():
-        current_hash = md5_file(path_obj)
+        current_hash = sha256_file(path_obj)
         new_hashes[path_str] = current_hash
 
         if force or path_str not in stored_hashes or stored_hashes[path_str] != current_hash:

package/bundled-skills/android-dev/references/hybrid.md

@@ -74,7 +74,7 @@ const config: CapacitorConfig = {
 
 ```typescript
 import { Camera, CameraResultType } from '@capacitor/camera';
-import { Preferences } from '@capacitor/preferences';
+import { SecureStorage } from '@aparajita/capacitor-secure-storage';
 import { PushNotifications } from '@capacitor/push-notifications';
 import { Geolocation } from '@capacitor/geolocation';
 
@@ -107,8 +107,8 @@ const initPush = async () => {
   if (permission.receive === 'granted') {
     await PushNotifications.register();
   }
-  PushNotifications.addListener('registration', ({ value: token }) => {
-    console.log('FCM Token:', token);
+  PushNotifications.addListener('registration', () => {
+    console.log('Push registration succeeded');
   });
 };
 ```

package/bundled-skills/android-dev/references/react-native.md

@@ -67,24 +67,27 @@ export const RootNavigator = () => {
 // Store secrets with a platform-backed module such as react-native-keychain
 // or expo-secure-store, and persist only non-sensitive UI state here.
 interface AuthState {
-  token: string | null;
   isLoggedIn: boolean;
-  setToken: (token: string) => void;
+  setLoggedIn: (value: boolean) => void;
   logout: () => void;
 }
 
 export const useAuthStore = create<AuthState>()(
   persist(
     (set) => ({
-      token: null,
       isLoggedIn: false,
-      setToken: (token) => set({ token, isLoggedIn: true }),
-      logout: () => set({ token: null, isLoggedIn: false }),
+      setLoggedIn: (value) => set({ isLoggedIn: value }),
+      logout: () => set({ isLoggedIn: false }),
     }),
     { name: 'auth-ui-storage', storage: createJSONStorage(() => mmkvStorage) }
   )
 );
 
+// Keep tokens outside persisted app state.
+const getSecureToken = () => Keychain.getGenericPassword().then((r) => (r ? r.password : null));
+const saveSecureToken = (token: string) => Keychain.setGenericPassword('auth', token);
+const clearSecureToken = () => Keychain.resetGenericPassword();
+
 // Server state — React Query
 export const useItems = () =>
   useQuery({
@@ -142,8 +145,8 @@ const apiClient = axios.create({
 });
 
 // Auth token injection
-apiClient.interceptors.request.use((config) => {
-  const token = useAuthStore.getState().token;
+apiClient.interceptors.request.use(async (config) => {
+  const token = await getSecureToken();
   if (token) config.headers.Authorization = `Bearer ${token}`;
   return config;
 });
@@ -155,9 +158,11 @@ apiClient.interceptors.response.use(
     if (error.response?.status === 401) {
       const newToken = await refreshToken();
       if (newToken) {
-        useAuthStore.getState().setToken(newToken);
+        await saveSecureToken(newToken);
+        useAuthStore.getState().setLoggedIn(true);
         return apiClient(error.config!);
       }
+      await clearSecureToken();
       useAuthStore.getState().logout();
     }
     return Promise.reject(error);
@@ -196,6 +201,7 @@ const getItems = async (): Promise<Item[]> => {
     "zustand": "^4.5.4",
     "axios": "^1.7.2",
     "zod": "^3.23.8",
+    "react-native-keychain": "^8.2.0",
     "react-native-mmkv": "^2.12.2",
     "react-native-safe-area-context": "^4.10.1",
     "react-native-screens": "^3.32.0"

package/bundled-skills/competitor-analysis/scripts/compile_report.mjs

@@ -7,7 +7,7 @@
 // Usage: node compile_report.mjs <research-dir> [--user-company "Acme"] [--template <path>] [--open]
 
 import { readdirSync, readFileSync, writeFileSync, existsSync, mkdirSync } from 'fs';
-import { join, dirname } from 'path';
+import { basename, dirname, join, relative, resolve } from 'path';
 import { fileURLToPath } from 'url';
 import { parseFrontmatter, parseBody, parseSections } from './md_utils.mjs';
 
@@ -15,6 +15,68 @@ const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
 
 const args = process.argv.slice(2);
+const SAFE_SLUG_RE = /^[A-Za-z0-9][A-Za-z0-9._-]*$/;
+
+function safeJoin(base, ...parts) {
+  const root = resolve(base);
+  const target = resolve(root, ...parts);
+  const rel = relative(root, target);
+  if (rel.startsWith('..') || rel.startsWith('/')) {
+    throw new Error(`Path escapes research directory: ${parts.join('/')}`);
+  }
+  return target;
+}
+
+function safeResearchDir(rawDir) {
+  if (typeof rawDir !== 'string' || !rawDir.trim() || rawDir.includes('\0')) {
+    throw new Error('Research directory is required');
+  }
+  const root = resolve(process.cwd());
+  const target = resolve(root, rawDir);
+  const rel = relative(root, target);
+  if ((rel.startsWith('..') || rel.startsWith('/')) && process.env.COMPETITOR_ANALYSIS_ALLOW_EXTERNAL_DIR !== '1') {
+    throw new Error('Research directory must stay under the current working directory');
+  }
+  return target;
+}
+
+function safeTemplatePath(researchDir, rawPath) {
+  if (typeof rawPath !== 'string' || !rawPath.trim() || rawPath.includes('\0')) {
+    throw new Error('Template path is required');
+  }
+  const candidate = safeJoin(researchDir, rawPath);
+  if (!candidate.endsWith('.html')) {
+    throw new Error('Template path must point to an .html file inside the research directory');
+  }
+  return candidate;
+}
+
+function safeSlug(slug) {
+  if (!SAFE_SLUG_RE.test(slug) || slug.includes('..')) {
+    throw new Error(`Unsafe competitor slug: ${slug}`);
+  }
+  return slug;
+}
+
+function selfTest() {
+  const root = resolve('/tmp/research');
+  if (safeJoin(root, 'competitors', 'acme.html') !== resolve(root, 'competitors', 'acme.html')) {
+    throw new Error('safeJoin failed valid path');
+  }
+  for (const bad of ['../x', 'competitors/../../x']) {
+    try { safeJoin(root, bad); } catch { continue; }
+    throw new Error(`safeJoin accepted ${bad}`);
+  }
+  for (const bad of ['../acme', 'bad/name', '..']) {
+    try { safeSlug(bad); } catch { continue; }
+    throw new Error(`safeSlug accepted ${bad}`);
+  }
+}
+
+if (args.includes('--self-test')) {
+  selfTest();
+  process.exit(0);
+}
 
 if (args.includes('--help') || args.includes('-h') || args.length === 0) {
   console.error(`Usage: node compile_report.mjs <research-dir> [--user-company "<name>"] [--template <path>] [--open]
@@ -34,12 +96,12 @@ Options:
   process.exit(args.includes('--help') || args.includes('-h') ? 0 : 1);
 }
 
-const dir = args[0];
+const dir = safeResearchDir(args[0]);
 const shouldOpen = args.includes('--open');
 const userCompanyIdx = args.indexOf('--user-company');
 const userCompany = userCompanyIdx !== -1 ? args[userCompanyIdx + 1] : '';
 const templateIdx = args.indexOf('--template');
-let templatePath = templateIdx !== -1 ? args[templateIdx + 1] : null;
+let templatePath = templateIdx !== -1 ? safeTemplatePath(dir, args[templateIdx + 1]) : null;
 
 if (!templatePath) {
   const candidates = [
@@ -226,14 +288,14 @@ function mdToHtml(md) {
 
 const competitors = [];
 for (const file of files) {
-  const content = readFileSync(join(dir, file), 'utf-8');
+  const content = readFileSync(safeJoin(dir, file), 'utf-8');
   const fields = parseFrontmatter(content);
   if (!fields) continue;
   const body = parseBody(content);
   const sections = parseSections(body);
   const mentions = parseMentions(sections['Mentions']);
   const benchmarks = parseBenchmarks(sections['Benchmarks']);
-  const slug = file.replace('.md', '');
+  const slug = safeSlug(file.replace('.md', ''));
   competitors.push({ ...fields, body, sections, mentions, benchmarks, slug, file });
 }
 
@@ -253,7 +315,7 @@ const deduped = [...seen.values()].sort((a, b) => (a.competitor_name || '').loca
 // whole matrix. Keep this block above the first use site to avoid temporal dead zones.
 let curatedMatrix = null;
 try {
-  const p = join(dir, 'matrix.json');
+  const p = safeJoin(dir, 'matrix.json');
   if (existsSync(p)) curatedMatrix = JSON.parse(readFileSync(p, 'utf-8'));
 } catch (err) {
   console.error(`Warning: matrix.json present but unreadable — falling back to pipe split. ${err.message}`);
@@ -288,7 +350,7 @@ const totalMentions = competitorRows.reduce((sum, c) => sum + c.mentions.length,
 const totalBenchmarks = competitorRows.reduce((sum, c) => sum + c.benchmarks.length, 0);
 const withPricing = competitorRows.filter(c => c.pricing_tiers).length;
 
-const dirName = dir.split('/').pop();
+const dirName = basename(dir);
 const title = dirName.replace(/_/g, ' ').replace(/-/g, ' ').replace(/\b\w/g, c => c.toUpperCase());
 const genDate = new Date().toLocaleDateString('en-US', { year: 'numeric', month: 'long', day: 'numeric' });
 const metaLine = `${competitorRows.length} competitors · ${totalMentions} mentions · ${totalBenchmarks} benchmarks · ${genDate}`;
@@ -433,11 +495,11 @@ let indexHtml = template
   .replace(/\{\{STRATEGIC_SUMMARY\}\}/g, strategicSummary)
   .replace(/\{\{TABLE_ROWS\}\}/g, tableRows);
 
-writeFileSync(join(dir, 'index.html'), indexHtml);
+writeFileSync(safeJoin(dir, 'index.html'), indexHtml);
 
 // ---------- competitors/{slug}.html ----------
 
-try { mkdirSync(join(dir, 'competitors'), { recursive: true }); } catch {}
+try { mkdirSync(safeJoin(dir, 'competitors'), { recursive: true }); } catch {}
 
 const perCompetitorCss = `
   :root { --brand:#F03603; --blue:#4DA9E4; --black:#100D0D; --gray:#514F4F; --border:#edebeb; --bg:#F9F6F4; --card:#ffffff; --text:#100D0D; --muted:#514F4F; }
@@ -528,7 +590,7 @@ for (const c of competitorRows) {
   const findingsHtml = c.sections['Research Findings'] ? `<h2>Research Findings</h2>${mdToHtml(c.sections['Research Findings'])}` : '';
 
   // Screenshot — filename matches capture_screenshots.mjs output.
-  const heroShot = existsSync(join(dir, 'screenshots', `${c.slug}-hero.png`));
+  const heroShot = existsSync(safeJoin(dir, 'screenshots', `${c.slug}-hero.png`));
   const screenshotsHtml = heroShot ? `
   <div class="shots">
     <div class="shot shot-hero"><div class="shot-label">Homepage</div><img src="../screenshots/${escapeHtml(c.slug)}-hero.png" alt="${escapeHtml(c.competitor_name)} homepage hero" loading="lazy"></div>
@@ -586,7 +648,7 @@ for (const c of competitorRows) {
 </body>
 </html>`;
 
-  writeFileSync(join(dir, 'competitors', `${c.slug}.html`), companyHtml);
+  writeFileSync(safeJoin(dir, 'competitors', `${c.slug}.html`), companyHtml);
 }
 
 // ---------- matrix.html (side-by-side) ----------
@@ -739,7 +801,7 @@ const matrixHtml = `<!DOCTYPE html>
 </body>
 </html>`;
 
-writeFileSync(join(dir, 'matrix.html'), matrixHtml);
+writeFileSync(safeJoin(dir, 'matrix.html'), matrixHtml);
 
 // ---------- mentions.html (feed + filter) ----------
 
@@ -870,7 +932,7 @@ const mentionsHtml = `<!DOCTYPE html>
 </body>
 </html>`;
 
-writeFileSync(join(dir, 'mentions.html'), mentionsHtml);
+writeFileSync(safeJoin(dir, 'mentions.html'), mentionsHtml);
 
 // ---------- CSV ----------
 
@@ -900,7 +962,7 @@ function csvEscape(v) {
 
 const csvLines = [cols.join(',')];
 for (const row of flatRows) csvLines.push(cols.map(c => csvEscape(row[c] || '')).join(','));
-writeFileSync(join(dir, 'results.csv'), csvLines.join('\n') + '\n');
+writeFileSync(safeJoin(dir, 'results.csv'), csvLines.join('\n') + '\n');
 
 // ---------- Summary ----------
 
@@ -911,19 +973,19 @@ console.error(JSON.stringify({
   with_pricing: withPricing,
   user_company: userCompany,
   files_generated: {
-    index: join(dir, 'index.html'),
-    matrix: join(dir, 'matrix.html'),
-    mentions: join(dir, 'mentions.html'),
+    index: safeJoin(dir, 'index.html'),
+    matrix: safeJoin(dir, 'matrix.html'),
+    mentions: safeJoin(dir, 'mentions.html'),
     competitors: competitorRows.filter(c => c.body && c.body.length > 50).length,
-    csv: join(dir, 'results.csv')
+    csv: safeJoin(dir, 'results.csv')
   }
 }, null, 2));
 
-console.log(join(dir, 'index.html'));
+console.log(safeJoin(dir, 'index.html'));
 
 if (shouldOpen) {
   const { execFileSync } = await import('child_process');
   // Use execFileSync (not execSync with string interpolation) so a `dir` containing
   // shell metacharacters like `"`, `$`, or backticks can't break out into command exec.
-  try { execFileSync('open', [join(dir, 'index.html')]); } catch {}
+  try { execFileSync('open', [safeJoin(dir, 'index.html')]); } catch {}
 }

package/bundled-skills/diary/requirements.txt

@@ -1 +1,3 @@
-requests
+requests>=2.33.0
+urllib3>=2.7.0
+idna>=3.15

package/bundled-skills/docs/users/getting-started.md

@@ -1,4 +1,4 @@
-# Getting Started with Antigravity Awesome Skills (V13.1.0)
+# Getting Started with Antigravity Awesome Skills (V13.1.1)
 
 **New here? This guide will help you supercharge your AI Agent in 5 minutes.**
 

package/bundled-skills/docx-official/ooxml/scripts/validation/base.py

@@ -3,11 +3,29 @@ Base validator with common validation logic for document files.
 """
 
 import re
+import shutil
 from pathlib import Path
 
 import lxml.etree
 
 
+def safe_extract_all(zip_ref, destination):
+    """Extract a zip archive without allowing members to escape destination."""
+    destination = Path(destination).resolve()
+    for member in zip_ref.infolist():
+        target = (destination / member.filename).resolve()
+        try:
+            target.relative_to(destination)
+        except ValueError as exc:
+            raise ValueError(f"Unsafe archive member: {member.filename}") from exc
+        if member.is_dir():
+            target.mkdir(parents=True, exist_ok=True)
+            continue
+        target.parent.mkdir(parents=True, exist_ok=True)
+        with zip_ref.open(member) as src, target.open("wb") as dst:
+            shutil.copyfileobj(src, dst)
+
+
 class BaseSchemaValidator:
     """Base validator with common validation logic for document files."""
 
@@ -888,7 +906,7 @@ class BaseSchemaValidator:
 
             # Extract original file
             with zipfile.ZipFile(self.original_file, "r") as zip_ref:
-                zip_ref.extractall(temp_path)
+                safe_extract_all(zip_ref, temp_path)
 
             # Find corresponding file in original
             original_xml_file = temp_path / relative_path

package/bundled-skills/docx-official/ooxml/scripts/validation/docx.py

@@ -3,14 +3,33 @@ Validator for Word document XML files against XSD schemas.
 """
 
 import re
+import shutil
 import tempfile
 import zipfile
+from pathlib import Path
 
 import lxml.etree
 
 from .base import BaseSchemaValidator
 
 
+def safe_extract_all(zip_ref, destination):
+    """Extract a zip archive without allowing members to escape destination."""
+    destination = Path(destination).resolve()
+    for member in zip_ref.infolist():
+        target = (destination / member.filename).resolve()
+        try:
+            target.relative_to(destination)
+        except ValueError as exc:
+            raise ValueError(f"Unsafe archive member: {member.filename}") from exc
+        if member.is_dir():
+            target.mkdir(parents=True, exist_ok=True)
+            continue
+        target.parent.mkdir(parents=True, exist_ok=True)
+        with zip_ref.open(member) as src, target.open("wb") as dst:
+            shutil.copyfileobj(src, dst)
+
+
 class DOCXSchemaValidator(BaseSchemaValidator):
     """Validator for Word document XML files against XSD schemas."""
 
@@ -198,7 +217,7 @@ class DOCXSchemaValidator(BaseSchemaValidator):
             with tempfile.TemporaryDirectory() as temp_dir:
                 # Unpack original docx
                 with zipfile.ZipFile(self.original_file, "r") as zip_ref:
-                    zip_ref.extractall(temp_dir)
+                    safe_extract_all(zip_ref, temp_dir)
 
                 # Parse document.xml
                 doc_xml_path = temp_dir + "/word/document.xml"

package/bundled-skills/docx-official/ooxml/scripts/validation/redlining.py

@@ -2,11 +2,31 @@
 Validator for tracked changes in Word documents.
 """
 
+import shutil
 import subprocess
 import tempfile
 import zipfile
 from pathlib import Path
 
+from defusedxml import ElementTree as ET
+
+
+def safe_extract_all(zip_ref, destination):
+    """Extract a zip archive without allowing members to escape destination."""
+    destination = Path(destination).resolve()
+    for member in zip_ref.infolist():
+        target = (destination / member.filename).resolve()
+        try:
+            target.relative_to(destination)
+        except ValueError as exc:
+            raise ValueError(f"Unsafe archive member: {member.filename}") from exc
+        if member.is_dir():
+            target.mkdir(parents=True, exist_ok=True)
+            continue
+        target.parent.mkdir(parents=True, exist_ok=True)
+        with zip_ref.open(member) as src, target.open("wb") as dst:
+            shutil.copyfileobj(src, dst)
+
 
 class RedliningValidator:
     """Validator for tracked changes in Word documents."""
@@ -29,8 +49,6 @@ class RedliningValidator:
 
         # First, check if there are any tracked changes by Claude to validate
         try:
-            import xml.etree.ElementTree as ET
-
             tree = ET.parse(modified_file)
             root = tree.getroot()
 
@@ -67,7 +85,7 @@ class RedliningValidator:
             # Unpack original docx
             try:
                 with zipfile.ZipFile(self.original_docx, "r") as zip_ref:
-                    zip_ref.extractall(temp_path)
+                    safe_extract_all(zip_ref, temp_path)
             except Exception as e:
                 print(f"FAILED - Error unpacking original docx: {e}")
                 return False
@@ -81,8 +99,6 @@ class RedliningValidator:
 
             # Parse both XML files using xml.etree.ElementTree for redlining validation
             try:
-                import xml.etree.ElementTree as ET
-
                 modified_tree = ET.parse(modified_file)
                 modified_root = modified_tree.getroot()
                 original_tree = ET.parse(original_file)

package/bundled-skills/ecl-harness-engineer/references/environment-detection-guide.md

@@ -81,7 +81,7 @@ harness/
       },
       "test_alternatives": {
         "sqlite_in_memory": "DB_DRIVER=sqlite3 DB_URL=:memory:",
-        "docker": "docker run -d --name test-pg -p 5433:5432 -e POSTGRES_PASSWORD=test postgres:16"
+        "docker": "docker run -d --name test-pg -p 127.0.0.1:5433:5432 -e POSTGRES_PASSWORD=test postgres:16"
       }
     }
   ],