
Enhance all 45 skills per 7-rule audit evaluation #4

Open
kamalsrini wants to merge 1 commit into main from enhance/skill-audit-2026-03-19

Conversation

@kamalsrini

Contributor

Summary

  • 167 files changed (+7,332 / -2,075 lines) across all 45 skills in 10 domains
  • ~75 new supporting files created under /references/, /scripts/, /templates/ directories
  • 112 mandatory actions executed from SKILL_AUDIT.md evaluation against 7 rules

What changed

R4 File Structure (28 skills fixed): Extracted inline content (regex patterns, CWE mappings, framework tables, report templates, detection patterns) into structured /references/, /scripts/, /templates/ directories across all domains

R2 Verification (33 skills fixed): Added falsifiable tests with Expected Behavior, Actual Behavior Check, and binary pass/fail test cases

R5 Gotchas (15 skills fixed): Added/strengthened gotchas sections with false positive patterns, precision traps, and exploit pattern lessons

R3 Elegance (3 major dedup):

  • owasp-top-10-web <> secure-code-review: Added delegation note, extracted overlapping detection patterns
  • agentic-top-10 <> agent-security: Defined clear boundaries (framework compliance vs architecture review)
  • iam-review: Refactored as orchestrator delegating to access-review, privileged-access, zero-trust-assessment

R1 System Layer (6 skills fixed): Added executable Grep/Glob detection patterns to prose-only skills:

  • llm-top-10: 57 new detection patterns across all 10 categories
  • zero-trust-assessment: Grep patterns for all 5 ZT pillars
  • prompt-injection, agentic-top-10: Concrete regex patterns added

R7 Subagent (12 skills fixed): Added parallelization markers for independent assessment steps

Also includes

  • SKILL_TEMPLATE.md for generating future skills
  • SKILL_AUDIT_TEMPLATE.md for future evaluations
  • @unitoneai/skills npm package (npx @unitoneai/skills init)

Test plan

  • Verify all 45 SKILL.md files retain valid YAML frontmatter
  • Verify Prompt Injection Safety Notice preserved on all skills
  • Spot-check 5 skills: extracted content matches original
  • Verify no broken file references (all -> See references/ paths exist)
  • Run npx @unitoneai/skills init against clean project

112 mandatory actions executed across 10 domains:
- R4 File Structure: Created /references/, /scripts/, /templates/ dirs
  across all skills. Extracted inline content (regex patterns, CWE maps,
  framework tables, report templates) into structured files (~75 new files)
- R2 Verification: Added falsifiable tests to 33 skills
- R5 Gotchas: Added/strengthened gotchas on 15 skills (FP patterns,
  precision traps, exploit lessons)
- R3 Elegance: Deduplicated owasp-top-10-web↔secure-code-review,
  agentic-top-10↔agent-security, refactored iam-review as orchestrator
- R1 System Layer: Added executable Grep/Glob patterns to llm-top-10
  (57 patterns), zero-trust-assessment, prompt-injection, agentic-top-10
- R7 Subagent: Added parallelization markers to 12 skills

Also adds npm package (@unitoneai/skills), SKILL_AUDIT.md, and .gitignore
updates for node_modules.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>