secret-with-asset-leak-skill
A skill where a real high-entropy secret shares a line with an allowlisted asset reference, which must not suppress detection.
Extracts a reusable code pattern from the current repo and authors a portable, validated Agent Skill. Use when you want to capture a logging setup, CI/CD pipeline, observability stack, async messaging pattern, frontend component library, feature-flag middleware, or any other repeatable engineering pattern so it can be replayed across other repos. Produces: a standard-conformant SKILL.md, parameterized code templates in assets/templates/, a PARAMETERS.md documenting every placeholder, then runs validate-skill.sh, scan-leaks.sh, and dry-run-replay.sh as a tiered quality gate. Output is ready to publish via references/publishing.md.
Regression fixture for dry-run-replay header-skip drift.
A clean skill containing a git commit SHA, a UUID, and an embedded base64 image asset — none of which are secrets and none must trip the scanner.
Sets up structured logging for a service using a configurable log level and service name. Produces a logger.config file ready for ingestion by your logging pipeline. Works with any service that reads configuration from a flat config file.
A skill that accidentally contains an AWS access key — should be caught by the scanner.
A skill containing bare base64 secrets ending in equals-sign padding, which must not evade the entropy detector.
| name | secret-with-asset-leak-skill |
| description | A skill where a real high-entropy secret shares a line with an allowlisted asset reference, which must not suppress detection. |
| version | 1.0.0 |
A real secret appears on the SAME line as an allowlisted asset filename and an allowlisted data-URI. A line-scoped allowlist would wrongly suppress the secret; a per-token allowlist must still catch it.
API_BLOB=PLACEHOLDER_REPLACED_AT_RUNTIME see logo.png for the icon
TOKEN_BLOB=PLACEHOLDER_REPLACED_AT_RUNTIME data:image/png;base64,iVBORw0KGgo
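The difference between the two allowlist scopes described above, as an added example (not the skill's own scan-leaks.sh). The allowlist patterns, the thresholds, and the stand-in value `FAKE` are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Assumed allowlist: asset filenames and image data-URIs, matched per token.
ALLOWLIST = [
    re.compile(r"^[\w.-]+\.(png|jpe?g|gif|svg|ico)$", re.I),
    re.compile(r"^data:image/[\w.+-]+;base64,[A-Za-z0-9+/=]+$"),
]
MIN_LEN, MIN_ENTROPY = 20, 4.0  # assumed thresholds (chars, bits per char)

# Constructed stand-in for a leaked value; not a real credential.
FAKE = "q7Zk2Lx9Vb4Tn8Rw3Hp6Yd1Mf5Jc0Sga"
SAMPLE = [
    f"API_BLOB={FAKE} see logo.png for the icon",
    f"TOKEN_BLOB={FAKE} data:image/png;base64,iVBORw0KGgo",
]


def shannon_entropy(s):
    """Shannon entropy of s in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def is_allowlisted(token):
    return any(p.match(token) for p in ALLOWLIST)


def looks_secret(token):
    # Score the whole token and the part after KEY=, whichever is long enough.
    cands = (token, token.partition("=")[2])
    return any(len(c) >= MIN_LEN and shannon_entropy(c) >= MIN_ENTROPY for c in cands)


def scan_line_scoped(line):
    """Flawed variant: one allowlisted token suppresses the whole line."""
    tokens = line.split()
    if any(is_allowlisted(t) for t in tokens):
        return []
    return [t for t in tokens if looks_secret(t)]


def scan_per_token(line):
    """Per-token variant: only the allowlisted tokens themselves are skipped."""
    return [t for t in line.split() if not is_allowlisted(t) and looks_secret(t)]
```

On both `SAMPLE` lines `scan_line_scoped` returns an empty list, while `scan_per_token` returns the `KEY=value` token and still skips `logo.png` and the data-URI.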