From 3a3fb6cbe2035d74e01f2166d30864367e1e2a0f Mon Sep 17 00:00:00 2001
From: Suhaib Janjua <suhaib.janjua@gmail.com>
Date: Tue, 17 Mar 2026 16:19:08 +0500
Subject: [PATCH] docs: align FAQ risk labels with frontmatter values and add
 skill-review guidance (#330)

---
 docs/users/faq.md             | 22 ++++++++++++++++++----
 docs/users/getting-started.md |  2 +-
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/docs/users/faq.md b/docs/users/faq.md
index a8b2d101..96c5071a 100644
--- a/docs/users/faq.md
+++ b/docs/users/faq.md
@@ -71,11 +71,13 @@ The skill files themselves are stored locally on your computer, but your AI assi
 
 ### What do the Risk Labels mean?
 
-We classify skills so you know what you're running:
+We classify skills so you know what you're running. These values map directly to the `risk:` field in every `SKILL.md` frontmatter:
 
-- ⚪ **Safe (White/Blue)**: Read-only, planning, or benign skills.
-- 🔴 **Risk (Red)**: Skills that modify files (delete), use network scanners, or perform destructive actions. **Use with caution.**
-- 🟣 **Official (Purple)**: Maintained by trusted vendors (Anthropic, DeepMind, etc.).
+- 🔵 **`none`**: Pure reference or planning content — no shell commands, no mutations, no network access.
+- ⚪ **`safe`**: Community skills that are non-destructive (read-only, planning, code review, analysis).
+- 🔴 **`critical`**: Skills that modify files, drop data, use network scanners, or perform destructive actions. **Use with caution.**
+- 🟣 **`offensive`**: Security-focused offensive techniques (pentesting, exploitation). **Authorized use only** — always confirm the target is in scope.
+- ⬜ **`unknown`**: Legacy or unclassified content. Review the skill manually before use.
 
 ### Can these skills hack my computer?
 
@@ -237,6 +239,18 @@ Common fixes:
 <!-- security-allowlist: reason and scope -->
 ```
 
+### My PR triggered the `skill-review` automated check. What is it?
+
+Since v8.0.0, GitHub automatically runs a `skill-review` workflow on any PR that adds or modifies a `SKILL.md` file. It reviews your skill against the quality bar and flags common issues — missing sections, weak triggers, or risky command patterns.
+
+**If it reports findings:**
+
+1. Open the **Checks** tab on your PR and read the `skill-review` job output.
+2. Address any **actionable** findings (missing "When to Use", unclear triggers, blocked security patterns).
+3. Push a new commit to the same branch — the check reruns automatically.
+
+You do not need to close and reopen the PR. Informational or style-only findings do not block merging.
+
 ### Can I update an "Official" skill?
 
 **No.** Official skills (in `skills/official/`) are mirrored from vendors. Open an issue instead.
diff --git a/docs/users/getting-started.md b/docs/users/getting-started.md
index 7920aaf2..1e964d31 100644
--- a/docs/users/getting-started.md
+++ b/docs/users/getting-started.md
@@ -1,4 +1,4 @@
-# Getting Started with Antigravity Awesome Skills (V7.9.1)
+# Getting Started with Antigravity Awesome Skills (V8.0.0)
 
 **New here? This guide will help you supercharge your AI Agent in 5 minutes.**