القائمة
A skill that accidentally contains a GitHub personal access token — should be caught by the scanner.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Extracts a reusable code pattern from the current repo and authors a portable, validated Agent Skill. Use when you want to capture a logging setup, CI/CD pipeline, observability stack, async messaging pattern, frontend component library, feature-flag middleware, or any other repeatable engineering pattern so it can be replayed across other repos. Produces: a standard-conformant SKILL.md, parameterized code templates in assets/templates/, a PARAMETERS.md documenting every placeholder, then runs validate-skill.sh, scan-leaks.sh, and dry-run-replay.sh as a tiered quality gate. Output is ready to publish via references/publishing.md.
Regression fixture for dry-run-replay header-skip drift.
A clean skill containing a git commit SHA, a UUID, and an embedded base64 image asset — none of which are secrets and none must trip the scanner.
Sets up structured logging for a service using a configurable log level and service name. Produces a logger.config file ready for ingestion by your logging pipeline. Works with any service that reads configuration from a flat config file.
A skill that accidentally contains an AWS access key — should be caught by the scanner.
A skill containing bare base64 secrets ending in equals-sign padding, which must not evade the entropy detector.
| name | github-leak-skill |
| description | A skill that accidentally contains a GitHub personal access token — should be caught by the scanner. |
| version | 1.0.0 |
This skill leaks a GitHub token.
GITHUB_TOKEN=PLACEHOLDER_REPLACED_AT_RUNTIME