from gsd-skill-creator51
Security hygiene guidelines for self-modifying agent systems: path sanitization, safe YAML handling, data poisoning checks, and staging/quarantine practices to
Provides a set of security hygiene rules and checks tailored for self-modifying agent systems and community-contributed skills. It documents threat vectors (path traversal, unsafe YAML, data poisoning), concrete checks to implement, and staging/quarantine principles to prevent accidental execution or leaking of sensitive patterns.
Activate this skill when creating, editing, or deleting skill files or agent definitions; when processing YAML/JSONL configuration or community-contributed skill content; or when performing file-path operations that may include user input. It's also relevant during installs/updates of agent frameworks and when reviewing new community submissions.
Applies broadly to agents that manage or modify skills and project files (Claude Code, GSD-style orchestrators, CI bots, and developer automation agents).
Security Hygiene is a documentation-only skill providing security guidelines for self-modifying agent systems. It covers path traversal, YAML deserialization, data poisoning, permission bypass, and content hygiene. No scripts were bundled. The SKILL.md is well-structured with a clear threat table and actionable rules, though it targets a niche audience of agent system developers.
Clean skill with no security concerns. Promotes good practices rather than introducing risks. Single-file skill with no scripts or references directory.
