from awesome-skills62
Manage Gerrit repository and branch permissions at scale: templates, group mapping, manifest-based multi-repo permission sync, and drift detection for secure ac
A comprehensive skill for administering Gerrit permissions across many repositories and branches. Provides templates, decision frameworks, troubleshooting, and automation guidance to apply, audit, and maintain group- and branch-level access controls in multi-repo environments.
Use this skill when you need to: set up or audit Gerrit permissions, apply permission templates across many repos, troubleshoot permission inheritance or group-sync issues, or automate bulk permission updates from a manifest. Ideal for devops engineers, release managers, and security auditors.
scripts/ for auditing and applying templates (has_scripts=true).references/ with troubleshooting and workflow guides (has_references=true).Works with agent runtimes that support system-prompt-style skills and shell/script execution (e.g., Claude Code, Cursor, agents with Bash/CLI support).
Gerrit Permission Manager is a comprehensive skill for managing multi-repo Gerrit access controls via templates, drift detection, and bulk updates. It bundles 10 shell scripts that all require a live Gerrit server to function — none succeeded in the test environment. The SKILL.md is lengthy and structured across 16 sections with references, but the core content (§2-§9) is missing from the body and only linked. Scripts have reasonable argument parsing and dry-run support but use hardcoded default credentials (admin:secret in gerrit-api.sh) and unquoted variable interpolation in SSH/curl commands posing injection risks.
gerrit server (requires running Gerrit instance)Security deductions: hardcoded password default in gerrit-api.sh (-28 → 72), shell injection risk from unquoted vars in SSH/curl commands (-12 → 60), network calls to configurable but default-localhost hosts (minor, -2 → 58). Code quality: scripts are well-structured with proper arg parsing, help text, and dry-run support but all fail without a Gerrit server — no mock/offline mode, no input validation beyond presence checks. Architecture: 16-section SKILL.md with frontmatter and references/ directory is good structure, but the main body omits the core operational content (§2-§9) which are only links to unbundled reference files, making the skill partially unusable standalone. Usefulness: niche — only useful for teams managing Gerrit permissions at scale; requires Gerrit server, SSH keys, and specific environment setup.
