my-agent-stuff
skill
Basarisiz
Health Uyari
- License — License: MIT
- No description — Repository has no description
- Active repo — Last push 0 days ago
- Community trust — 10 GitHub stars
Code Basarisiz
- rm -rf — Recursive force deletion command in skills/iac-security-scanner/scripts/parse_terrascan_policies.py
- fs module — File system access in skills/mesh-security/lib/analyzer-wrapper.js
- fs module — File system access in skills/mesh-security/lib/remediation-engine.js
- fs module — File system access in skills/mesh-security/lib/report-generator.js
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This is a collection of productivity and workflow automation skills (plugins) designed for AI coding assistants like Claude Code, Codex CLI, and OpenCode. It bundles multiple utilities for tasks such as stripping image metadata, managing blog content, and integrating with note-taking apps.
Security Assessment
The tool carries a Medium overall security risk. While it does not request explicitly dangerous permissions or contain hardcoded secrets, the `ghost-content-manager` skill is flagged for making outbound network requests and accessing environment variables. This is an expected behavior for a plugin designed to sync content with an external Ghost blog, but it means the tool will transmit data over the internet. Other skills, such as `image-generator` and `readwise-assistant`, likely interact with external APIs as well. No malicious execution patterns were detected.
Quality Assessment
The project is recently maintained, with its last push occurring today. It benefits from a clear MIT license, which is excellent for open-source modification and distribution. However, the repository suffers from low community visibility (only 8 GitHub stars) and lacks a top-level description. It is worth noting that several included skills are direct ports or forks of utilities created by well-known developers in the ecosystem (such as Matt Pocock), which adds a layer of inherent credibility to the collection.
Verdict
Use with caution — the skills are relatively safe, but the collection has low community visibility and specific plugins actively transmit data externally.
This is a collection of productivity and workflow automation skills (plugins) designed for AI coding assistants like Claude Code, Codex CLI, and OpenCode. It bundles multiple utilities for tasks such as stripping image metadata, managing blog content, and integrating with note-taking apps.
Security Assessment
The tool carries a Medium overall security risk. While it does not request explicitly dangerous permissions or contain hardcoded secrets, the `ghost-content-manager` skill is flagged for making outbound network requests and accessing environment variables. This is an expected behavior for a plugin designed to sync content with an external Ghost blog, but it means the tool will transmit data over the internet. Other skills, such as `image-generator` and `readwise-assistant`, likely interact with external APIs as well. No malicious execution patterns were detected.
Quality Assessment
The project is recently maintained, with its last push occurring today. It benefits from a clear MIT license, which is excellent for open-source modification and distribution. However, the repository suffers from low community visibility (only 8 GitHub stars) and lacks a top-level description. It is worth noting that several included skills are direct ports or forks of utilities created by well-known developers in the ecosystem (such as Matt Pocock), which adds a layer of inherent credibility to the collection.
Verdict
Use with caution — the skills are relatively safe, but the collection has low community visibility and specific plugins actively transmit data externally.
README.md
My Agent Stuff
Inspired by https://github.com/mitsuhiko/agent-stuff
This is "my" agent-stuff
Although I would never marry any solution, pi.dev is mostly my daily driver now
Pi Skills
| Skill | Description |
|---|---|
| exif-stripper | Strip sensitive EXIF metadata from images before publishing to the web. |
| iac-security-scanner | Scan Terraform, Kubernetes, CloudFormation, ARM templates, and Dockerfiles for security misconfigurations with NIST mappings. |
| image-generator | Generate and edit images through Gemini image models. |
| made-to-stick | Apply the SUCCESs framework to make ideas, copy, and content more memorable. |
| mesh-security | Analyze Istio, Consul, and Linkerd service mesh configurations for security issues and NIST control mappings. |
| mischief-managed | Capture a lean end-of-session note into an Obsidian vault with decisions, changes, validation, caveats, and follow-ups. |
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi