firefrost-gaming/claude-skills-reference
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
281 Commits 1 Branch 0 Tags
b87662ecdf66ef752eca23e18c67ec71eee41ffd
Commit Graph

281 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alireza Rezvani
b87662ecdf feat: add skill-security-auditor POWERFUL-tier skill (#230) 
Security audit and vulnerability scanner for AI agent skills before installation.

Scans for:
- Code execution risks (eval, exec, os.system, subprocess shell injection)
- Data exfiltration (outbound HTTP, credential harvesting, env var extraction)
- Prompt injection in SKILL.md (system override, role hijack, safety bypass)
- Dependency supply chain (typosquatting, unpinned versions, runtime installs)
- File system abuse (boundary violations, binaries, symlinks, hidden files)
- Privilege escalation (sudo, SUID, cron manipulation, shell config writes)
- Obfuscation (base64, hex encoding, chr chains, codecs)

Produces clear PASS/WARN/FAIL verdict with per-finding remediation guidance.
Supports local dirs, git repo URLs, JSON output, strict mode, and CI/CD integration.

Includes:
- scripts/skill_security_auditor.py (1049 lines, zero dependencies)
- references/threat-model.md (complete attack vector documentation)
- SKILL.md with usage guide and report format

Tested against: rag-architect (PASS), agent-designer (PASS), senior-secops (FAIL - correctly flagged eval/exec patterns).

Co-authored-by: Leo <leo@openclaw.ai>
 2026-03-04 02:59:45 +01:00
Alireza Rezvani
7064c17453 Merge branch 'main' into dev 2026-03-04 01:43:20 +01:00
Alireza Rezvani
35b28bff73 docs: rewrite CHANGELOG.md with v2.0.0 release (65 skills, 9 domains) (#226) 
* docs: rewrite CHANGELOG.md with v2.0.0 release (65 skills, 9 domains)

- Consolidate 191 commits since v1.0.2 into proper v2.0.0 entry
- Document 12 POWERFUL-tier skills, 37 refactored skills
- Add new domains: business-growth, finance
- Document Codex support and marketplace integration
- Update version history summary table
- Clean up [Unreleased] to only planned work

* docs: add 24 POWERFUL-tier skills to plugin, fix counts to 85 across all docs

- Add engineering-advanced-skills plugin (24 POWERFUL-tier skills) to marketplace.json
- Add 13 missing skills to CHANGELOG v2.0.0 (agent-workflow-designer, api-test-suite-builder,
  changelog-generator, ci-cd-pipeline-builder, codebase-onboarding, database-schema-designer,
  env-secrets-manager, git-worktree-manager, mcp-server-builder, monorepo-navigator,
  performance-profiler, pr-review-expert, runbook-generator)
- Fix skill count: 86→85 (excl sample-skill) across README, CHANGELOG, marketplace.json
- Fix stale 53→85 references in README
- Add engineering-advanced-skills install command to README
- Update marketplace.json version to 2.0.0

---------

Co-authored-by: Leo <leo@openclaw.ai>
 2026-03-04 01:40:44 +01:00
Gábor Lipták
5f63d23836 Refactor timestamp handling in skill_validator.py (#223) 
fix: replace deprecated datetime.utcnow() with timezone-aware alternative
 2026-03-03 18:01:28 +01:00
Alireza Rezvani
40df8ff9d6 feat: add 20 new practical skills (65→86 total) 
20 production-ready skills for professional Claude Code users.

Engineering (12): git-worktree-manager, ci-cd-pipeline-builder, mcp-server-builder, changelog-generator, pr-review-expert, api-test-suite-builder, env-secrets-manager, database-schema-designer, codebase-onboarding, performance-profiler, runbook-generator, monorepo-navigator

Engineering Team (2): stripe-integration-expert, email-template-builder
Product (3): saas-scaffolder, landing-page-generator, competitive-teardown  
Business (1): contract-and-proposal-writer
Marketing (1): prompt-engineer-toolkit
AI Engineering (1): agent-workflow-designer

Also: README updated (badges, counts, new section), STORE.md (Stan Store + Gumroad distribution plan)
 2026-03-02 04:47:47 +01:00
Alireza Rezvani
39102d40c4 Merge branch 'main' into dev 2026-03-01 20:29:45 +01:00
Reza Rezvani
09bf13accb docs: add commercial distribution plan (Stan Store + Gumroad) 2026-03-01 17:50:04 +01:00
Reza Rezvani
41ca650250 docs: update README with 20 new skills, counts 65→86, new skills section 2026-03-01 17:49:01 +01:00
alirezarezvani
ecd989e0a0 chore: sync codex skills symlinks [automated] 2026-03-01 16:43:42 +00:00
Reza Rezvani
28d542139f feat: add 20 new practical skills for professional Claude Code users 
New skills across 5 categories:

Engineering (12):
- git-worktree-manager: Parallel dev with port isolation & env sync
- ci-cd-pipeline-builder: Generate GitHub Actions/GitLab CI from stack analysis
- mcp-server-builder: Build MCP servers from OpenAPI specs
- changelog-generator: Conventional commits to structured changelogs
- pr-review-expert: Blast radius analysis & security scan for PRs
- api-test-suite-builder: Auto-generate test suites from API routes
- env-secrets-manager: .env management, leak detection, rotation workflows
- database-schema-designer: Requirements to migrations & types
- codebase-onboarding: Auto-generate onboarding docs from codebase
- performance-profiler: Node/Python/Go profiling & optimization
- runbook-generator: Operational runbooks from codebase analysis
- monorepo-navigator: Turborepo/Nx/pnpm workspace management

Engineering Team (2):
- stripe-integration-expert: Subscriptions, webhooks, billing patterns
- email-template-builder: React Email/MJML transactional email systems

Product Team (3):
- saas-scaffolder: Full SaaS project generation from product brief
- landing-page-generator: High-converting landing pages with copy frameworks
- competitive-teardown: Structured competitive product analysis

Business Growth (1):
- contract-and-proposal-writer: Contracts, SOWs, NDAs per jurisdiction

Marketing (1):
- prompt-engineer-toolkit: Systematic prompt development & A/B testing

Designed for daily professional use and commercial distribution.
 2026-03-01 17:43:27 +01:00
Alireza Rezvani
7fde8a90e9 Dev (#218) 
* Improve senior-fullstack skill description and workflow validation

- Expand frontmatter description with concrete actions and trigger clauses
- Add validation steps to scaffolding workflow (verify scaffold succeeded)
- Add re-run verification step to audit workflow (confirm P0 fixes)

* chore: sync codex skills symlinks [automated]

* fix(skill): normalize senior-fullstack frontmatter to inline format

Normalize YAML description from block scalar (>) to inline single-line
format matching all other 50+ skills. Align frontmatter trigger phrases
with the body's Trigger Phrases section to eliminate duplication.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(ci): add GITHUB_TOKEN to checkout + restore corrupted skill descriptions

- Add token: ${{ secrets.GITHUB_TOKEN }} to actions/checkout@v4 in
  sync-codex-skills.yml so git-auto-commit-action can push back to branch
  (fixes: fatal: could not read Username, exit 128)
- Restore correct description for incident-commander (was: 'Skill from engineering-team')
- Restore correct description for senior-fullstack (was: '>')

* fix(ci): pass PROJECTS_TOKEN to fix automated commits + remove duplicate checkout

Fixes PROJECTS_TOKEN passthrough for git-auto-commit-action and removes duplicate checkout step in pr-issue-auto-close workflow.

* fix(ci): remove stray merge conflict marker in sync-codex-skills.yml (#221)

Co-authored-by: Leo <leo@leo-agent-server>

* fix(ci): fix workflow errors + add OpenClaw support (#222)

---------

Co-authored-by: Baptiste Fernandez <fernandez.baptiste1@gmail.com>
Co-authored-by: alirezarezvani <5697919+alirezarezvani@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Leo <leo@leo-agent-server>
 2026-02-25 10:58:52 +01:00
Alireza Rezvani
f460e25e3e fix(ci): fix workflow errors + add OpenClaw support (#222) 2026-02-24 17:33:21 +01:00
Alireza Rezvani
415e5700f2 fix(ci): remove stray merge conflict marker in sync-codex-skills.yml (#221) 
Co-authored-by: Leo <leo@leo-agent-server>
 2026-02-24 17:21:30 +01:00
Alireza Rezvani
9ab1dad6bb fix(ci): pass PROJECTS_TOKEN to fix automated commits + remove duplicate checkout 
Fixes PROJECTS_TOKEN passthrough for git-auto-commit-action and removes duplicate checkout step in pr-issue-auto-close workflow.
 2026-02-23 12:03:41 +01:00
Reza Rezvani
290060bee7 fix(ci): add GITHUB_TOKEN to checkout + restore corrupted skill descriptions 
- Add token: ${{ secrets.GITHUB_TOKEN }} to actions/checkout@v4 in
  sync-codex-skills.yml so git-auto-commit-action can push back to branch
  (fixes: fatal: could not read Username, exit 128)
- Restore correct description for incident-commander (was: 'Skill from engineering-team')
- Restore correct description for senior-fullstack (was: '>')
 2026-02-19 09:28:20 +00:00
Alireza Rezvani
b634c4f1c2 Merge pull request #217 from alirezarezvani/fix/normalize-fullstack-frontmatter 
fix(skill): normalize senior-fullstack frontmatter to inline format
 2026-02-17 16:55:01 +01:00
Reza Rezvani
7bca2e1dbb fix(skill): normalize senior-fullstack frontmatter to inline format 
Normalize YAML description from block scalar (>) to inline single-line
format matching all other 50+ skills. Align frontmatter trigger phrases
with the body's Trigger Phrases section to eliminate duplication.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 16:54:34 +01:00
alirezarezvani
79f6f0c026 chore: sync codex skills symlinks [automated] 2026-02-17 13:36:33 +00:00
Alireza Rezvani
672cf8876c Merge pull request #216 from fernandezbaptiste/improve-senior-fullstack-skill 
Improve senior-fullstack skill description and add workflow validation
 2026-02-17 14:36:21 +01:00
Baptiste Fernandez
19524894dd Improve senior-fullstack skill description and workflow validation 
- Expand frontmatter description with concrete actions and trigger clauses
- Add validation steps to scaffolding workflow (verify scaffold succeeded)
- Add re-run verification step to audit workflow (confirm P0 fixes)
 2026-02-17 09:35:11 +00:00
Alireza Rezvani
0bea02d2b6 Merge pull request #214 from alirezarezvani/dev 
fix: Claude Code plugin manifest for engineering/ skills
 2026-02-16 18:28:01 +01:00
Alireza Rezvani
93c3426156 Merge pull request #213 from alirezarezvani/feature/engineering-plugin-and-fixes 
feat: add Claude Code plugin manifest for engineering/ directory
 2026-02-16 18:27:54 +01:00
Leo
84ff0a23f0 feat: add Claude Code plugin manifest for engineering/ skills 2026-02-16 17:27:40 +00:00
Alireza Rezvani
2fcf3ef412 Merge pull request #212 from alirezarezvani/dev 
Release: 12 new POWERFUL-tier engineering skills (53→65)
 2026-02-16 18:18:15 +01:00
Alireza Rezvani
1d33e80677 Merge pull request #211 from alirezarezvani/feature/update-docs-batch2 
docs: batch 2 skill documentation (59→65 skills)
 2026-02-16 18:17:44 +01:00
Alireza Rezvani
d6895ddbf7 Merge pull request #210 from alirezarezvani/feature/skill-tester 
feat: add skill-tester meta-skill
 2026-02-16 18:17:42 +01:00
Alireza Rezvani
8d900b6194 Merge pull request #209 from alirezarezvani/feature/agent-designer 
feat: add agent-designer skill
 2026-02-16 18:17:39 +01:00
Alireza Rezvani
46abdc959b Merge pull request #208 from alirezarezvani/feature/rag-architect 
feat: add rag-architect skill
 2026-02-16 18:17:37 +01:00
Alireza Rezvani
98ccc3c8b9 Merge pull request #207 from alirezarezvani/feature/database-designer 
feat: add database-designer skill
 2026-02-16 18:17:35 +01:00
Alireza Rezvani
73c97d701f Merge pull request #206 from alirezarezvani/feature/release-manager 
feat: add release-manager skill
 2026-02-16 18:17:33 +01:00
Alireza Rezvani
e6afba3a71 Merge pull request #205 from alirezarezvani/feature/dependency-auditor 
feat: add dependency-auditor skill
 2026-02-16 18:17:30 +01:00
Leo
226a2bd0d2 docs: update README, CHANGELOG, plugin JSONs with batch 2 skills (59→65) 2026-02-16 16:58:13 +00:00
Leo
d63685401d feat: add skill-tester POWERFUL-tier skill 
- Comprehensive skill validation, testing, and quality scoring framework
- skill_validator.py: validates structure, documentation, and compliance (700+ LOC)
- script_tester.py: tests syntax, functionality, and runtime behavior (800+ LOC)
- quality_scorer.py: multi-dimensional quality assessment with scoring (1100+ LOC)
- Complete reference documentation (structure spec, tier requirements, scoring rubric)
- Sample skill with assets and expected outputs for testing
- CI/CD integration examples and pre-commit hook support
- Zero external dependencies, dual output formats (JSON + human-readable)
- Self-testing capable meta-skill for quality assurance automation
 2026-02-16 16:53:49 +00:00
Leo
397b489a94 feat: add agent-designer POWERFUL-tier skill 2026-02-16 16:40:27 +00:00
Leo
effb867982 feat: add rag-architect POWERFUL-tier skill 
- chunking_optimizer.py: analyzes document corpus, recommends chunking strategies
- retrieval_evaluator.py: evaluates retrieval quality with built-in TF-IDF baseline
- rag_pipeline_designer.py: designs end-to-end RAG pipelines with Mermaid diagrams
- References, sample corpus, expected outputs included
- Zero external dependencies
 2026-02-16 16:22:44 +00:00
Leo
dd07924f41 feat: add database-designer POWERFUL-tier skill 2026-02-16 16:11:29 +00:00
Leo
d6f2f1df78 feat: add release-manager POWERFUL-tier skill 
Complete release management toolkit including:
- changelog_generator.py: Parse conventional commits and generate structured changelogs
- version_bumper.py: Determine semantic version bumps from commit analysis
- release_planner.py: Assess release readiness and generate coordination plans
- Comprehensive documentation covering SemVer, Git workflows, hotfix procedures
- Sample data and expected outputs for testing
- Zero external dependencies, Python standard library only

Enables automated changelog generation, version management, and release coordination
from git history using conventional commits specification.
 2026-02-16 15:56:03 +00:00
Leo
4dc5ef5f19 feat: add dependency-auditor POWERFUL-tier skill 2026-02-16 15:42:19 +00:00
Alireza Rezvani
c6bd30139e Merge pull request #204 from alirezarezvani/dev 
Dev
 2026-02-16 15:58:58 +01:00
Alireza Rezvani
b40398f896 Merge pull request #203 from alirezarezvani/feature/update-docs-new-skills 
docs: update README, CHANGELOG, and skills index
 2026-02-16 15:58:29 +01:00
Alireza Rezvani
efb79e195b Merge pull request #202 from alirezarezvani/feature/observability-designer 
feat: add observability-designer skill
 2026-02-16 15:58:05 +01:00
Leo
b7e09026b0 docs: add observability-designer to README, CHANGELOG, and skills index 
Completes the 6 POWERFUL-tier skill documentation update.
Skill count: 59.
 2026-02-16 14:08:06 +00:00
Leo
907faa1720 docs: update README, CHANGELOG, and skills index with 5 new POWERFUL-tier skills 
- Added incident-commander, tech-debt-tracker, api-design-reviewer, interview-system-designer, migration-architect
- Updated skill count from 53 to 58 in README.md badge
- Updated total_skills from 54 to 59 in .codex/skills-index.json
- Added detailed skill descriptions with included tools
- Updated CHANGELOG.md with 2026-02-16 release
- Added CI workflow fixes and documentation improvements

Note: observability-designer was not found in the repository and was excluded.
 2026-02-16 14:06:37 +00:00
Leo
52732f7e2b feat: add observability-designer POWERFUL-tier skill 
- SLO Designer: generates comprehensive SLI/SLO frameworks with error budgets and burn rate alerts
- Alert Optimizer: analyzes and optimizes alert configurations to reduce noise and improve effectiveness
- Dashboard Generator: creates role-based dashboard specifications with golden signals coverage

Includes comprehensive documentation, sample data, and expected outputs for testing.
 2026-02-16 14:03:12 +00:00
Alireza Rezvani
cf90e47244 Merge pull request #201 from alirezarezvani/dev 
Dev
 2026-02-16 14:57:59 +01:00
Alireza Rezvani
031730b814 Merge pull request #200 from alirezarezvani/feature/migration-architect 
feat: add migration-architect skill
 2026-02-16 14:53:27 +01:00
Alireza Rezvani
9544882b6f Merge pull request #199 from alirezarezvani/feature/interview-system-designer 
feat: add interview-system-designer skill
 2026-02-16 14:49:54 +01:00
Leo
e6cc0f4c6a feat: add migration-architect POWERFUL-tier skill 2026-02-16 13:48:47 +00:00
Leo
6707dd18c2 feat: add interview-system-designer skill 
- Comprehensive interview system design toolkit
- Interview Loop Designer: generates calibrated loops for any role/level
- Question Bank Generator: creates competency-based questions with rubrics
- Hiring Calibrator: analyzes interview data for bias and calibration issues
- Complete reference materials: competency matrices, bias mitigation, debrief guides
- Sample data and expected outputs for testing
- Supports all major roles: SWE, PM, Designer, Data, DevOps, Leadership
- Zero external dependencies, Python standard library only
- Dual output: JSON + human-readable text formats
 2026-02-16 13:30:58 +00:00
alirezarezvani
f6131b24d6 chore: sync codex skills symlinks [automated] 2026-02-16 13:24:40 +00:00