一键在 Manus 中运行任何 Skill

$pwd:

security-systems

Name: Security Systems
Author: vibeforge1111

// Design secure, lightweight local-agent systems for Spark Intelligence and adjacent agent products. Use when defining identity and pairing rules, provider or channel auth, dangerous command approvals, tool and host boundaries, webhook trust checks, local secret handling, or security guardrails for new features.

在 Manus 中运行

$ git log --oneline --stat

stars:2

forks:18

updated:2026年3月25日 12:16

文件资源管理器

4 个文件

SKILL.md

readonly

name	security-systems
description	Design secure, lightweight local-agent systems for Spark Intelligence and adjacent agent products. Use when defining identity and pairing rules, provider or channel auth, dangerous command approvals, tool and host boundaries, webhook trust checks, local secret handling, or security guardrails for new features.

Security Systems

Use this skill when work touches:

identity and pairing architecture
session isolation
provider and secret handling
channel or webhook auth
dangerous command approval design
tool and host authority boundaries
security rules for new features

Read First

docs/SECURITY_DOCTRINE_V1.md
docs/IDENTITY_AND_SESSION_MODEL_SPEC_V1.md
docs/PROVIDER_AND_AUTH_CONFIG_SPEC_V1.md
docs/CODING_RULESET_V1.md
docs/SECURITY_RESEARCH_PLAN_HERMES_OPENCLAW.md
docs/OPENCLAW_HERMES_SECURITY_HISTORY_ANALYSIS_2026-03-25.md

Then read:

references/system-guardrails.md
references/competitor-lessons.md

Core Doctrine

Prefer:

deny-by-default
least authority
one canonical identity and security truth surface
explicit approvals and revocation
strict file and secret handling
visible, auditable runtime behavior

Reject:

silent authority expansion
username-only or heuristic identity linking
vague dangerous-command approvals
daemon or watchdog tricks that hide active authority
adapter-specific security truth

Workflow

Identify the exact trust boundary.
Define what new authority the feature adds.
Reduce the authority to the minimum needed.
Define the explicit approval, pairing, or auth rule.
Define secret, session, and logging behavior.
Check OpenClaw and Hermes lesson classes for known failure shapes.
Define fail-closed behavior, inspection surfaces, and smoke tests.

Required Outputs

Return these explicitly:

security boundary
authority added
default-deny rule
approval or pairing rule
secret-handling rule
session rule
failure mode
required smoke tests
do-not-build guardrail

Spark-Specific Rules

identity is a security boundary, not a convenience feature
DMs-first is safer than shared-room-first
cross-channel linking must be explicit
dangerous local actions must be approval-gated
native autostart wrappers must not become hidden control planes

Default Deliverable

The result should usually end in a compact secure-design brief with:

boundary map
secure defaults
hardening rules
tests to add

related-skills.json

同仓库

security-auditor.md

from "vibeforge1111/spark-intelligence-builder"

Audit local-agent systems, specs, and code for security weaknesses and hardening priorities. Use when reviewing Spark Intelligence features, security-sensitive diffs, identity or pairing flows, host-execution boundaries, webhook adapters, auth and secret handling, or when producing a security grade and remediation list that others can reuse later.

2026-03-252

agent-landscape-analysis.md

from "vibeforge1111/spark-intelligence-builder"

Analyze OpenClaw, Claude Cowork, Hermes Agent, and adjacent agent products to learn what to borrow, what to directly copy as patterns, and what Spark Intelligence should keep uniquely its own. Use when comparing architectures, onboarding, adapters, reliability harnesses, migration paths, or competitive product shape.

2026-03-252

reliable-job-harnesses.md

from "vibeforge1111/spark-intelligence-builder"

Build and review cron jobs, schedulers, retries, smoke tests, and operational harnesses for Spark Intelligence in a lightweight and highly reliable way. Use when designing job systems, background work, health checks, retry logic, cron behavior, migration jobs, or smoke-test coverage for scheduled work.

2026-03-252

spark-ecosystem-product.md

from "vibeforge1111/spark-intelligence-builder"

Make Spark Intelligence product decisions with deep awareness of Spark Researcher, Spark Swarm, domain chips, specialization paths, autoloop flywheels, and the wider Spark ecosystem. Use when defining product scope, modular architecture, ecosystem integration, persistent agent behavior, or self-evolving collective-intelligence systems.

2026-03-252

maintainable-engineering.md

from "vibeforge1111/spark-intelligence-builder"

Keep Spark Intelligence code, architecture, security, and documentation highly maintainable, scalable enough, and clean without adding unnecessary complexity. Use when reviewing code, planning architecture, writing docs, simplifying modules, improving quality, or enforcing long-term engineering standards.

2026-03-252

package.json

"author": "vibeforge1111"

"repository": "vibeforge1111/spark-intelligence-builder"

打开 GitHub 仓库查看创作者相关仓库

$ install --global

$ download --local

在 Manus 中运行

$ useful --forSOC

信息安全分析师计算机与数学类职业15-1212L4

name	security-systems
description	Design secure, lightweight local-agent systems for Spark Intelligence and adjacent agent products. Use when defining identity and pairing rules, provider or channel auth, dangerous command approvals, tool and host boundaries, webhook trust checks, local secret handling, or security guardrails for new features.

Security Systems

Use this skill when work touches:

identity and pairing architecture
session isolation
provider and secret handling
channel or webhook auth
dangerous command approval design
tool and host authority boundaries
security rules for new features

Read First

docs/SECURITY_DOCTRINE_V1.md
docs/IDENTITY_AND_SESSION_MODEL_SPEC_V1.md
docs/PROVIDER_AND_AUTH_CONFIG_SPEC_V1.md
docs/CODING_RULESET_V1.md
docs/SECURITY_RESEARCH_PLAN_HERMES_OPENCLAW.md
docs/OPENCLAW_HERMES_SECURITY_HISTORY_ANALYSIS_2026-03-25.md

Then read:

references/system-guardrails.md
references/competitor-lessons.md

Core Doctrine

Prefer:

deny-by-default
least authority
one canonical identity and security truth surface
explicit approvals and revocation
strict file and secret handling
visible, auditable runtime behavior

Reject:

silent authority expansion
username-only or heuristic identity linking
vague dangerous-command approvals
daemon or watchdog tricks that hide active authority
adapter-specific security truth

Workflow

Identify the exact trust boundary.
Define what new authority the feature adds.
Reduce the authority to the minimum needed.
Define the explicit approval, pairing, or auth rule.
Define secret, session, and logging behavior.
Check OpenClaw and Hermes lesson classes for known failure shapes.
Define fail-closed behavior, inspection surfaces, and smoke tests.

Required Outputs

Return these explicitly:

security boundary
authority added
default-deny rule
approval or pairing rule
secret-handling rule
session rule
failure mode
required smoke tests
do-not-build guardrail

Spark-Specific Rules

identity is a security boundary, not a convenience feature
DMs-first is safer than shared-room-first
cross-channel linking must be explicit
dangerous local actions must be approval-gated
native autostart wrappers must not become hidden control planes

Default Deliverable

The result should usually end in a compact secure-design brief with:

boundary map
secure defaults
hardening rules
tests to add

security-systems

Security Systems

Read First

Core Doctrine

Workflow

Required Outputs

Spark-Specific Rules

Default Deliverable

同仓库更多 Skills

同仓库更多 Skills

Security Systems

Read First

Core Doctrine

Workflow

Required Outputs

Spark-Specific Rules

Default Deliverable