菜单
Fixture for scan-leaks:ignore annotation test — same secret WITHOUT annotation must be caught.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Extracts a reusable code pattern from the current repo and authors a portable, validated Agent Skill. Use when you want to capture a logging setup, CI/CD pipeline, observability stack, async messaging pattern, frontend component library, feature-flag middleware, or any other repeatable engineering pattern so it can be replayed across other repos. Produces: a standard-conformant SKILL.md, parameterized code templates in assets/templates/, a PARAMETERS.md documenting every placeholder, then runs validate-skill.sh, scan-leaks.sh, and dry-run-replay.sh as a tiered quality gate. Output is ready to publish via references/publishing.md.
Regression fixture for dry-run-replay header-skip drift.
A clean skill containing a git commit SHA, a UUID, and an embedded base64 image asset — none of which are secrets and none must trip the scanner.
Sets up structured logging for a service using a configurable log level and service name. Produces a logger.config file ready for ingestion by your logging pipeline. Works with any service that reads configuration from a flat config file.
A skill that accidentally contains an AWS access key — should be caught by the scanner.
A skill containing bare base64 secrets ending in equals-sign padding, which must not evade the entropy detector.
| name | ignore-without-annotation |
| description | Fixture for scan-leaks:ignore annotation test — same secret WITHOUT annotation must be caught. |
| x-spec-version | 1 |
This file contains a real planted secret WITHOUT the scan-leaks:ignore annotation. The detector must catch it.
AWS_ACCESS_KEY_ID=PLACEHOLDER_REPLACED_AT_RUNTIME
