0xDarkMatter

GitHub remote operations — repo creation, metadata (description/homepage/topics), releases, README 'Recent Updates' enforcement, and issue / PR management with preview-before-send discipline. Companion to git-ops (local) and push-gate (pre-push safety). Three modes: new (first publish), update (subsequent release), audit (read-only checklist), plus atomic operations for issues and PRs. Triggers on: push to github, publish repo, ship release, cut release, gh release, set topics, repo description, github metadata, recent updates section, audit github repo, repo visibility, make repo public, gh repo create, gh issue, gh pr, create issue, comment on issue, close issue, triage issue, create PR, review PR, merge PR, pre-merge check, pr checks.

Defend the agent's instruction surface against adversarial content - hidden-Unicode prompt injection (Trojan Source bidi reordering, U+E0000 tag-block ASCII smuggling, zero-width text), homoglyph confusables, and poisoned context that a human reviewer can't see but the model obeys. Scan CLAUDE.md / AGENTS.md / SKILL.md / .cursorrules and MCP tool descriptions; sanitize fetched web pages, issue/PR bodies, and dependency READMEs before they enter context. Triggers on: prompt injection, hidden unicode, invisible characters, zero-width space, bidi override, Trojan Source, ASCII smuggling, tag characters, homoglyph, confusable, unicode steganography, poisoned CLAUDE.md, malicious tool description, MCP tool poisoning, instruction injection, jailbreak in file, is this file safe, sanitize untrusted content, scan for hidden text.

Pre-push safety gate for any git push to a remote (GitHub, GitLab, Bitbucket, self-hosted). Runs gitleaks + regex-layer secret scan, forbidden-file check, divergence check, size warning, and requires explicit confirm before pushing. Refuses on any secret hit. Triggers on: push to origin, push to github, push to remote, git push, can we push, safe to push, ready to push, pre-push check, push-gate.

Set tool permissions for Claude Code. Configures allowed commands, rules, and preferences in .claude/ directory. Triggers on: setperms, init tools, configure permissions, setup project, set permissions, init claude.

Behavioural-first software supply chain defense - catches poisoned npm/PyPI packages in the publish-to-advisory window that CVE tools miss. Socket.dev integration (free CLI + GitHub app + depscore MCP for Claude Code), stale-OIDC audit, dependency cooldown policy, publish-token rotation, VS Code extension audit, and a self-integrity scan that detects worm persistence hooks injected into Claude Code / VS Code settings. Triggers on: supply chain, supply chain attack, malicious package, poisoned dependency, npm worm, Shai-Hulud, behavioural scanning, Socket.dev, socket scan, dependency security, postinstall malware, OIDC token theft, compromised maintainer, typosquat, dependency confusion, package provenance, SLSA, persistence hook, malicious VS Code extension.

Python asyncio patterns for concurrent programming. Triggers on: asyncio, async, await, coroutine, gather, semaphore, TaskGroup, event loop, aiohttp, concurrent.

SQLAlchemy and database patterns for Python. Triggers on: sqlalchemy, database, orm, migration, alembic, async database, connection pool, repository pattern, unit of work.

Fast Python environment management with uv (10-100x faster than pip). Triggers on: uv, venv, pip, pyproject, python environment, install package, dependencies.

Audit a completed parcel against its spec. Reads the parcel prompt, reads PARCEL_DONE.md (via parcel-reader), runs the git diff triad, reads changed src files, executes the dev loop (uv sync + pytest + mypy + ruff), and writes a versioned audit at <worktrees_root>/audits/<id>.v<N>.md with a PASS / PASS_WITH_WARNINGS / FAIL verdict. Triggers on: audit parcel, review parcel, did this parcel deliver, parcel verdict, inspect PARCEL_DONE, parcel review.

Generate self-contained headless-agent prompt files from a spec doc for DSP parallel build. Reads a PARCELS.md-style breakdown and writes one prompt per parcel that a fresh claude -p session can execute without inherited context. Triggers on: parcel prompts, headless prompts, generate parcels, spec-to-parcels, fan-out prompts, DSP prompts, parcel generation, write parcel, fleet parcel.

Decompose a spec document (architecture, roadmap, wave plan) into a ranked list of candidate parcels ready for parcel-generate. Given a goal and a spec, produce parcel IDs with scope, dependencies, estimated duration, and parallel-safe groupings — the upstream half of the parcel-generate pipeline. Triggers on: plan parcels, decompose spec, parcel breakdown, wave plan, parcel sequencing, what parcels do we need, spec to parcels, parcel decomposition, fleet wave plan.

Parse a parcel's PARCEL_DONE.md into structured sections (summary, what-built, contracts-honoured, deviations, open-questions, verification-results, affected-trees) without reformatting the body. Read-only utility used by parcel-audit and wave-triage. Triggers on: read PARCEL_DONE, parse parcel done, what did this parcel deliver, extract parcel report, parcel completion summary, fleet parcel report.

Inventory active parcel worktrees under the configured worktrees root and emit a table per parcel: branch, commits ahead/behind main, PARCEL_DONE presence, audit presence, last commit. The parcel analogue of lane-roster. Triggers on: parcel roster, which parcels, parcel status, list parcels, what parcels exist, parcels overview, parcel fleet, parcel inventory.

Given the parcels belonging to a wave, compute merge order and gate status by combining parcel-roster inventory, parcel-reader claims, and parcel-audit verdicts against the wave's plan document. Surfaces: ready-to-merge, blocked, at-risk, and the next recommended merge. Triggers on: wave triage, wave status, what merges next, gate status, which parcels are blocked, wave readiness, merge order, wave plan.