com um clique
security-check
提交或推送前的安全检查,扫描 API Key、访问令牌等敏感信息。
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
提交或推送前的安全检查,扫描 API Key、访问令牌等敏感信息。
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Baseado na classificação ocupacional SOC
在进行 Code Review 时,使用这个技能对 LoongCollector 变更进行安全导向、架构一致性优先的深度代码评审。
按 Conventional Commits 规范编写提交信息。在创建 git commit 时使用。
编译 LoongCollector C++ 与 Go 组件。涉及构建、单元测试或镜像时使用。
Design document writing conventions. Use when writing or reviewing technical design documents.
LoongCollector E2E Testing Framework Development Guide. Use this rule when you need to understand E2E testing framework architecture, develop new test behavior functions, or extend testing capabilities. Contains detailed BDD testing framework usage, test behavior function development and registration workflows, and comprehensive reference of existing testing capabilities. Example: When adding custom test behaviors for new plugins, use this rule to understand how to write and register new test functions. Example: When developing E2E tests, use this rule to understand the e2e framework.
E2E Testing Standards Guide. Use this rule when you need to write or execute E2E tests, including test naming conventions, test workflows, and test behavior templates. This rule should be used for end-to-end integration testing scenarios to ensure test standardization and maintainability. Example: When writing new E2E tests, use this rule to ensure proper test format and workflow compliance.
| name | security-check |
| description | 提交或推送前的安全检查,扫描 API Key、访问令牌等敏感信息。 |
在提交和推送代码前,必须检查是否包含敏感信息,特别是 API Keys 和访问令牌。
sk- 开头的 API Keys(如 OpenAI、Anthropic、阿里云等)AIzaSy 开头的 Google API Keyspk_ 开头的公钥bash skills/security-check/scripts/security_check.sh commit
若未输出 staging area is clear,说明暂存区存在敏感信息。
bash skills/security-check/scripts/security_check.sh push
若未输出 all commits are clear,说明存在敏感信息,相关 commit hash 已写入 task/sensitive_commits.txt。
# 根据 task/sensitive_commits.txt 中的检查结果 reset,避免 commit 记录泄密
bash skills/security-check/scripts/security_reset.sh