* upgrade skill-review to skill-review-and-optimize
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* retrigger CI
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Install apps/web-app dependencies in the publish workflow before the\nfrontend build so CI matches the working Pages pipeline.\n\nHarden the maintainer release suite by adding the same install step\nbefore app:build, and switch the shared app:install helper to npm ci\nfor deterministic installs.\n\nDocument the follow-up patch release in the changelog so 8.7.1 can\npublish the 8.7.x line to npm after the 8.7.0 release failed before\nreaching the registry.
Refresh maintainer-owned artifacts after the PR merge batch, convert the\nJetski loader example to a directly importable Node ESM module, and add\nthe 8.7.0 changelog entry before release preparation.\n\nRefs #382\nRefs #388
Integrate the JobGPT skill directly on main because the fork does not\nallow maintainer edits and the reviewed content still needed workflow and\nauth guidance fixes before release prep.\n\nRefs #388\nCo-authored-by: Yashveer Rana <captainjackrana@gmail.com>
* Add windows-shell-reliability skill
* Fix validation errors in windows-shell-reliability skill
* fix(windows-shell-reliability): Correct shell guidance
Scope the UTF-8 workaround to older Windows PowerShell behavior,\ninclude stderr in the logging recipe, and replace the foreground\nredirection example with a true detached Start-Process pattern.
---------
Co-authored-by: sickn33 <sickn33@users.noreply.github.com>
* Add skill: moyu anti-overengineering
* fix(moyu): Align metadata for validation
Match the frontmatter name to the skill directory and shorten the\ndescription so the maintainer validation checks can pass on the PR\nbranch without changing the skill body itself.
---------
Co-authored-by: sickn33 <sickn33@users.noreply.github.com>
Add a Unix activation script, Antigravity-specific installer guidance,
and cross-platform recovery documentation so users can reduce the
live skill set when truncation or context overload appears.
Regenerate the canonical bundle/catalog artifacts after merging the
stale goldrush-api removal so main stays release-ready.
Refs #381
This SKILL.md was a point-in-time copy that cannot auto-update
from the canonical source at github.com/covalenthq/goldrush-agent-skills.
Removing to avoid stale/misleading content. The canonical skills
are maintained at: https://github.com/covalenthq/goldrush-agent-skills
Co-authored-by: Jayen Harrill <jayenharrill@Mac.lan>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add gdb-cli skill for AI-assisted GDB debugging
A GDB debugging skill designed for AI agents that combines source
code analysis with runtime state inspection. Supports core dump
analysis, live process debugging, crash investigation, and deadlock
analysis.
Features:
- Core dump analysis with millisecond-level response
- Live process attach debugging
- Source code correlation with runtime state
- Multi-threaded debugging support
- Common debugging patterns (null pointer, deadlock, memory corruption)
Repository: https://github.com/Cerdore/gdb-cli
* fix(skill): Reclassify gdb-cli risk label
---------
Co-authored-by: sickn33 <sickn33@users.noreply.github.com>
Tighten the web app ESLint scope so TypeScript source is checked
without crawling bundled skill assets, and remove unused markdown and
debounce dependencies.
Clarify the security reporting flow and split code vs content
licensing to reduce ambiguity for users and contributors.
Document the full maintainer batch since v8.4.0, including the
installer safety fix, the two new bdistill skills, maintainer
automation work, and the README community additions used for the
8.5.0 release.
* feat: add bdistill behavioral-xray and knowledge-extraction skills
Two MCP-powered skills for AI model analysis:
- behavioral-xray: Self-probe across 6 dimensions with HTML reports
- knowledge-extraction: Domain knowledge extraction via Ollama for LoRA training
Repository: https://github.com/FrancyJGLisboa/bdistill
Install: pip install bdistill
* fix: remove curl|sh install command, update skills for current capabilities
- Removed pipe-to-shell Ollama install (flagged by docs security policy)
- Replaced with link to https://ollama.com
- Updated knowledge-extraction to reflect in-session mode, adversarial
validation, tabular ML data, and compounding knowledge base
- Updated behavioral-xray with red-team and compliance use cases
- Removed ChatML/fine-tuning language — output is reference data
* fix(install): implement safety backup during migration to prevent data loss
* fix: safely migrate skills by backing up directory and preserving permissions
Guard metadata repair and doc sync scripts against symlink targets so
repo maintenance tasks cannot overwrite arbitrary local files.
Replace recursive skill discovery with an iterative walk that skips
symlinked directories, and harden the VideoDB listener to write only
private regular files in the user-owned state directory.
Also fix the broken pr:preflight script entry and make the last30days
skill stop embedding raw user arguments directly in the shell command.
Freeze the accepted validation warning count at 135 so repo-state and release-state checks fail if the warning baseline grows silently while legacy warnings remain intentionally preserved.
Add a read-only maintainer audit command plus regression tests so maintainers can inspect repo health quickly without mutating files.
Unify main-branch maintenance around repo-state and release-state commands so generated docs, contributor acknowledgements, tracked web assets, and canonical artifacts stay aligned across CI and scheduled hygiene runs.
Harden release publication by reusing deterministic sync commands, adding package dry-run verification, and covering the new workflow contract with regression tests.
Add maintainer automation for repo-state hygiene so contributor acknowledgements, count-sensitive docs, and GitHub About metadata stay aligned from the same workflow.
Cover the new scripts with regression tests and wire them into the local test suite to keep future maintenance changes from drifting silently.
Expose an explicit sync:github-about workflow that updates the remote GitHub About description, homepage, and topics from the repository metadata source of truth.
Add regression coverage for the generated gh commands and document the new maintainer path in the changelog and walkthrough.
Fix the README star badge replacement pattern so encoded badge values update correctly during metadata sync.
Also align the README release summary copy with the computed star milestone to avoid stale stargazer text after sync.
Extend repository metadata syncing so npm run chain now keeps count-sensitive docs and package copy aligned with the live skills catalog.
Add regression coverage for the curated-doc sync behavior and document the automation in the maintainer walkthrough and changelog.
Align public docs and maintainer guidance with the current 1,304-skill catalog state and v8.4.0 release copy.
Refresh README credits for newly imported external sources, update user-facing count references, and document the post-release docs realignment in the changelog and walkthrough.
Import and normalize new skills from anthropics/skills, marketingskills, claude-seo, and obsidian-skills.
Align imported skills to repository validation rules, document provenance, and sync generated registry artifacts after the import.
* chore: implement ESM standardization and security attestation
Aligning root infrastructure with Node.js v24.14.0 standards.
- Set type: module in package.json to eliminate re-parsing overhead.
- Migrated Jetski Loader tests to .cjs to maintain legacy security audit compatibility.
- Verified path traversal and symlink protections with clean attestation.
* chore(ci): update pr_preflight path to .cjs for ESM compatibility
* feat(infra): surgical ESM modernization for Gemini suite
Resolved Codex P1 by reverting global root ESM shift to preserve installer stability.
- Implemented scoped 'type: module' in /docs/integrations/jetski-gemini-loader/ to eliminate re-parsing overhead.
- Updated test runner (run-test-suite.js) and CI (ci.yml) to track .cjs transitions.
- Verified zero-warning execution in Node v24.14.0.
