From 40fbfdaebbcdbf1e51c2c9d01eb65f6c268d3fce Mon Sep 17 00:00:00 2001
From: Dear Martinez <dearmartinez@gmail.com>
Date: Sun, 8 Mar 2026 03:35:15 -0400
Subject: [PATCH] Purging README.md (#236)

* feat: add my audit-skills for audit safe skills

* feat: add my audit-skills for audit safe skills

* chore: sync generated registry files [ci skip]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
---
 CATALOG.md                   |   5 +-
 README.md                    |  12 ++--
 data/bundles.json            |   3 +
 data/catalog.json            |  30 +++++++-
 skills/audit-skills/SKILL.md | 128 +++++++++++++++++++++++++++++++++++
 skills_index.json            |  10 +++
 6 files changed, 179 insertions(+), 9 deletions(-)
 create mode 100644 skills/audit-skills/SKILL.md

diff --git a/CATALOG.md b/CATALOG.md
index 4f4c4149..38ccb7d3 100644
--- a/CATALOG.md
+++ b/CATALOG.md
@@ -2,7 +2,7 @@
 
 Generated at: 2026-02-08T00:00:00.000Z
 
-Total skills: 1272
+Total skills: 1273
 
 ## architecture (79)
 
@@ -1080,7 +1080,7 @@ distri... | makepad, deployment | makepad, deployment, critical, packaging, trig
 | `workflow-automation` | Workflow automation is the infrastructure that makes AI agents reliable. Without durable execution, a network hiccup during a 10-step payment flow means lost... |  | automation, infrastructure, makes, ai, agents, reliable, without, durable, execution, network, hiccup, during |
 | `x-twitter-scraper` | X (Twitter) data platform skill — tweet search, user lookup, follower extraction, engagement metrics, giveaway draws, monitoring, webhooks, 19 extraction too... | [twitter, x-api, scraping, mcp, social-media, data-extraction, giveaway, monitoring, webhooks] | [twitter, x-api, scraping, mcp, social-media, data-extraction, giveaway, monitoring, webhooks], twitter, scraper, data |
 
-## security (148)
+## security (149)
 
 | Skill | Description | Tags | Triggers |
 | --- | --- | --- | --- |
@@ -1096,6 +1096,7 @@ distri... | makepad, deployment | makepad, deployment, critical, packaging, trig
 | `api-security-testing` | API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices. | api, security | api, security, testing, rest, graphql, apis, covering, authentication, authorization, rate, limiting, input |
 | `attack-tree-construction` | Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to s... | attack, tree, construction | attack, tree, construction, trees, visualize, threat, paths, mapping, scenarios, identifying, defense, gaps |
 | `audit-context-building` | Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding. | audit, building | audit, building, context, enables, ultra, granular, line, code, analysis, deep, architectural, before |
+| `audit-skills` | Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks,... | security, audit, skills, bundles, cross-platform | security, audit, skills, bundles, cross-platform, auditor, ai, performs, non, intrusive, static, analysis |
 | `auth-implementation-patterns` | Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use wh... | auth | auth, authentication, authorization, including, jwt, oauth2, session, rbac, secure, scalable, access, control |
 | `aws-penetration-testing` | This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalatio... | aws, penetration | aws, penetration, testing, skill, should, used, user, asks, pentest, test, security, enumerate |
 | `azure-cosmos-db-py` | Build Azure Cosmos DB NoSQL services with Python/FastAPI following production-grade patterns. Use when implementing database client setup with dual auth (Def... | azure, cosmos, db, py | azure, cosmos, db, py, nosql, python, fastapi, following, grade, implementing, database, client |
diff --git a/README.md b/README.md
index 7bfd1f1d..edf11a71 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
-<!-- registry-sync: version=7.1.0; skills=1272; stars=21225; updated_at=2026-03-07T11:47:20+00:00 -->
-# 🌌 Antigravity Awesome Skills: 1,272+ Agentic Skills for Claude Code, Gemini CLI, Cursor, Copilot & More
+<!-- registry-sync: version=7.1.0; skills=1273; stars=21393; updated_at=2026-03-07T21:46:49+00:00 -->
+# 🌌 Antigravity Awesome Skills: 1,273+ Agentic Skills for Claude Code, Gemini CLI, Cursor, Copilot & More
 
-> **The Ultimate Collection of 1,272+ Universal Agentic Skills for AI Coding Assistants — Claude Code, Gemini CLI, Codex CLI, Antigravity IDE, GitHub Copilot, Cursor, OpenCode, AdaL**
+> **The Ultimate Collection of 1,273+ Universal Agentic Skills for AI Coding Assistants — Claude Code, Gemini CLI, Codex CLI, Antigravity IDE, GitHub Copilot, Cursor, OpenCode, AdaL**
 
 [![GitHub stars](https://img.shields.io/badge/⭐%2021%2C000%2B%20Stars-gold?style=for-the-badge)](https://github.com/sickn33/antigravity-awesome-skills/stargazers)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
@@ -18,7 +18,7 @@
 [![Web App](https://img.shields.io/badge/Web%20App-Browse%20Skills-blue)](apps/web-app)
 [![Buy Me a Book](https://img.shields.io/badge/Buy%20me%20a-book-d13610?logo=buymeacoffee&logoColor=white)](https://buymeacoffee.com/sickn33)
 
-**Antigravity Awesome Skills** is a curated, battle-tested library of **1,272+ high-performance agentic skills** designed to work seamlessly across the major AI coding assistants.
+**Antigravity Awesome Skills** is a curated, battle-tested library of **1,273+ high-performance agentic skills** designed to work seamlessly across the major AI coding assistants.
 
 **Welcome to the V7.1.0 21k Stars Patch Release!** This repository gives your agent reusable playbooks for planning, coding, debugging, testing, security review, infrastructure work, product thinking, and much more.
 
@@ -34,7 +34,7 @@
 - [🎁 Curated Collections (Bundles)](#curated-collections)
 - [🧭 Antigravity Workflows](#antigravity-workflows)
 - [📦 Features & Categories](#features--categories)
-- [📚 Browse 1,272+ Skills](#browse-1272-skills)
+- [📚 Browse 1,273+ Skills](#browse-1273-skills)
 - [🤝 How to Contribute](#how-to-contribute)
 - [💬 Community](#community)
 - [☕ Support the Project](#support-the-project)
@@ -287,7 +287,7 @@ The repository is organized into specialized domains to transform your AI into a
 
 Counts change as new skills are added. For the current full registry, see [CATALOG.md](CATALOG.md).
 
-## Browse 1,272+ Skills
+## Browse 1,273+ Skills
 
 - Open the interactive browser in [`apps/web-app`](apps/web-app).
 - Read the full catalog in [`CATALOG.md`](CATALOG.md).
diff --git a/data/bundles.json b/data/bundles.json
index a5359e7a..ac167883 100644
--- a/data/bundles.json
+++ b/data/bundles.json
@@ -29,6 +29,7 @@
         "architecture-patterns",
         "astropy",
         "async-python-patterns",
+        "audit-skills",
         "aws-serverless",
         "azure-ai-agents-persistent-java",
         "azure-ai-anomalydetector-java",
@@ -323,6 +324,7 @@
         "api-security-testing",
         "attack-tree-construction",
         "audit-context-building",
+        "audit-skills",
         "auth-implementation-patterns",
         "aws-penetration-testing",
         "azure-cosmos-db-py",
@@ -492,6 +494,7 @@
         "apify-ultimate-scraper",
         "appdeploy",
         "astropy",
+        "audit-skills",
         "azure-ai-document-intelligence-dotnet",
         "azure-ai-document-intelligence-ts",
         "azure-ai-textanalytics-py",
diff --git a/data/catalog.json b/data/catalog.json
index 79e16a83..71f508a1 100644
--- a/data/catalog.json
+++ b/data/catalog.json
@@ -1,6 +1,6 @@
 {
   "generatedAt": "2026-02-08T00:00:00.000Z",
-  "total": 1272,
+  "total": 1273,
   "skills": [
     {
       "id": "00-andruia-consultant",
@@ -2382,6 +2382,34 @@
       ],
       "path": "skills/audit-context-building/SKILL.md"
     },
+    {
+      "id": "audit-skills",
+      "name": "audit-skills",
+      "description": "Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).",
+      "category": "security",
+      "tags": [
+        "security",
+        "audit",
+        "skills",
+        "bundles",
+        "cross-platform"
+      ],
+      "triggers": [
+        "security",
+        "audit",
+        "skills",
+        "bundles",
+        "cross-platform",
+        "auditor",
+        "ai",
+        "performs",
+        "non",
+        "intrusive",
+        "static",
+        "analysis"
+      ],
+      "path": "skills/audit-skills/SKILL.md"
+    },
     {
       "id": "auri-core",
       "name": "auri-core",
diff --git a/skills/audit-skills/SKILL.md b/skills/audit-skills/SKILL.md
new file mode 100644
index 00000000..0422605b
--- /dev/null
+++ b/skills/audit-skills/SKILL.md
@@ -0,0 +1,128 @@
+---
+name: audit-skills
+description: "Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS)."
+category: security
+risk: safe
+source: community
+date_added: "2026-03-07"
+author: MAIOStudio
+tags: [security, audit, skills, bundles, cross-platform]
+tools: [claude, gemini, gpt, llama, mistral, etc]
+---
+
+# Audit Skills (Premium Universal Security)
+
+## Overview
+
+Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
+2-4 sentences is perfect.
+
+## When to Use This Skill
+
+- Use when you need to audit AI skills and bundles for security vulnerabilities
+- Use when working with cross-platform security analysis
+- Use when the user asks about verifying skill legitimacy or performing security reviews
+- Use when scanning for mobile threats in AI skills
+
+## How It Works
+
+### Step 1: Static Analysis
+
+Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads.
+
+### Step 2: Platform-Specific Threat Detection
+
+Analyzes code for platform-specific security issues across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
+
+#### 1. Privilege, Ownership & Metadata Manipulation
+- **Elevated Access**: `sudo`, `chown`, `chmod`, `TakeOwnership`, `icacls`, `Set-ExecutionPolicy`.
+- **Metadata Tampering**: `touch -t`, `setfile` (macOS), `attrib` (Windows), `Set-ItemProperty`, `chflags`.
+- **Risk**: Unauthorized access, masking activity, or making files immutable.
+
+#### 2. File/Folder Locking & Resource Denial
+- **Patterns**: `chmod 000`, `chattr +i` (immutable), `attrib +r +s +h`, `Deny` ACEs in `icacls`.
+- **Global Actions**: Locking or hiding folders in `%USERPROFILE%`, `/Users/`, or `/etc/`.
+- **Risk**: Denial of service or data locking.
+
+#### 3. Script Execution & Batch Invocation
+- **Legacy/Batch Windows**: `.bat`, `.cmd`, `cmd.exe /c`, `vbs`, `cscript`, `wscript`.
+- **Unix Shell**: `.sh`, `.bash`, `.zsh`, `chmod +x` followed by execution.
+- **PowerShell**: `.ps1`, `powershell -ExecutionPolicy Bypass -File ...`.
+- **Hidden Flags**: `-WindowStyle Hidden`, `-w hidden`, `-noprofile`.
+
+#### 4. Dangerous Install/Uninstall & System Changes
+- **Windows**: `msiexec /qn`, `choco uninstall`, `reg delete`.
+- **Linux/Unix**: `apt-get purge`, `yum remove`, `rm -rf /usr/bin/...`.
+- **macOS**: `brew uninstall`, deleting from `/Applications`.
+- **Risk**: Removing security software or creating unmonitored installation paths.
+
+#### 5. Mobile Application & OS Security (Android/iOS)
+- **Android Tools**: `adb shell`, `pm install`, `am start`, `apktool`, `dex2jar`, `keytool`.
+- **Android Files**: Manipulation of `AndroidManifest.xml` (permissions), `classes.dex`, or `strings.xml`.
+- **iOS Tools**: `xcodebuild`, `codesign`, `security find-identity`, `fastlane`, `xcrun`.
+- **iOS Files**: Manipulation of `Info.plist`, `Entitlements.plist`, or `Provisioning Profiles`.
+- **Mobile Patterns**: Jailbreak/Root detection bypasses, hardcoded API keys in mobile source, or sensitive permission requests (Camera, GPS, Contacts) in non-mobile skills.
+- **Risk**: Malicious mobile package injection, credential theft from mobile builds, or device manipulation via ADB.
+
+#### 6. Information Disclosure & Network Exfiltration
+- **Patterns**: `curl`, `wget`, `Invoke-WebRequest`, `Invoke-RestMethod`, `scp`, `ftp`, `nc`, `socat`.
+- **Sensible Data**: `.env`, `.ssh`, `cookies.sqlite`, `Keychains` (macOS), `Credentials` (Windows), `keystore` (Android).
+- **Intranet**: Scanning internal IPs or mapping local services.
+
+#### 7. Service, Process & Stability Manipulation
+- **Windows**: `Stop-Service`, `taskkill /f`, `sc.exe delete`.
+- **Unix/Mac**: `kill -9`, `pkill`, `systemctl disable/stop`, `launchctl unload`.
+- **Low-level**: Direct disk access (`dd`), firmware/BIOS calls, kernel module management.
+
+#### 8. Obfuscation & Persistence
+- **Encoding**: `Base64`, `Hex`, `XOR` loops, `atob()`.
+- **Persistence**: `reg add` (Run keys), `schtasks`, `crontab`, `launchctl` (macOS), `systemd` units.
+- **Tubes**: `curl ... | bash`, `iwr ... | iex`.
+
+#### 9. Legitimacy & Scope (Universal)
+- **Registry Alignment**: Cross-reference with `CATALOG.md`.
+- **Structural Integrity**: Does it follow the standard repo layout?
+- **Healthy Scope**: Does a "UI Design" skill need `adb shell` or `sudo`?
+
+### Step 3: Reporting
+
+Generates a security report with a score (0-10), platform target identification, flagged actions, threat analysis, and mitigation recommendations.
+
+## Examples
+
+### Example 1: Security Review
+
+```markdown
+"Perform a security audit on this skill bundle"
+```
+
+### Example 2: Cross-Platform Threat Analysis
+
+```markdown
+"Scan for mobile threats in this AI skill"
+```
+
+## Best Practices
+
+- ✅ Perform non-intrusive analysis
+- ✅ Check for privilege escalation patterns
+- ✅ Look for information disclosure vulnerabilities
+- ✅ Analyze cross-platform threats
+- ❌ Don't execute potentially malicious code during audit
+- ❌ Don't modify the code being audited
+- ❌ Don't ignore mobile-specific security concerns
+
+## Common Pitfalls
+
+- **Problem:** Executing code during audit
+  **Solution:** Stick to static analysis methods only
+
+- **Problem:** Missing cross-platform threats
+  **Solution:** Check for platform-specific security issues on all supported platforms
+
+- **Problem:** Failing to detect obfuscated payloads
+ **Solution:** Look for encoding patterns like Base64, Hex, XOR loops, and atob()
+
+## Related Skills
+
+- `@security-scanner` - Additional security scanning capabilities
diff --git a/skills_index.json b/skills_index.json
index 9ec835f6..19df6a0e 100644
--- a/skills_index.json
+++ b/skills_index.json
@@ -959,6 +959,16 @@
     "source": "unknown",
     "date_added": null
   },
+  {
+    "id": "audit-skills",
+    "path": "skills/audit-skills",
+    "category": "security",
+    "name": "audit-skills",
+    "description": "Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).",
+    "risk": "safe",
+    "source": "community",
+    "date_added": "2026-03-07"
+  },
   {
     "id": "auri-core",
     "path": "skills/auri-core",