skills
agent
Uyari
Health Uyari
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Gecti
- Code scan — Scanned 9 files during light audit, no dangerous patterns found
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This project provides a modular collection of "skills" (custom instructions and rules) designed to extend Claude Code. It automates developer workflows such as making git commits, creating pull requests, running OWASP security audits, and refactoring code.
Security Assessment
Overall Risk: Low. The tool is fundamentally a set of opinionated prompt rules and text-based guidelines rather than an executable application. A code scan of 9 files found no dangerous patterns, hardcoded secrets, or requests for overly permissive system access. Because it is designed to automate git and GitHub actions, it will inherently instruct your AI agent to execute shell commands (like pushing branches) and make network requests to the GitHub API. However, it does not access or exfiltrate your private data. It actually improves local security by integrating GitLeaks to prevent accidental secret commits.
Quality Assessment
This tool is very new and actively maintained, with its most recent updates pushed today. It uses the highly permissive MIT license, making it freely available for any use. The main drawback is its extremely low community visibility; with only 5 stars, the codebase has not undergone widespread peer review or community testing.
Verdict
Safe to use, but understand you are adopting a highly experimental tool with minimal community validation.
This project provides a modular collection of "skills" (custom instructions and rules) designed to extend Claude Code. It automates developer workflows such as making git commits, creating pull requests, running OWASP security audits, and refactoring code.
Security Assessment
Overall Risk: Low. The tool is fundamentally a set of opinionated prompt rules and text-based guidelines rather than an executable application. A code scan of 9 files found no dangerous patterns, hardcoded secrets, or requests for overly permissive system access. Because it is designed to automate git and GitHub actions, it will inherently instruct your AI agent to execute shell commands (like pushing branches) and make network requests to the GitHub API. However, it does not access or exfiltrate your private data. It actually improves local security by integrating GitLeaks to prevent accidental secret commits.
Quality Assessment
This tool is very new and actively maintained, with its most recent updates pushed today. It uses the highly permissive MIT license, making it freely available for any use. The main drawback is its extremely low community visibility; with only 5 stars, the codebase has not undergone widespread peer review or community testing.
Verdict
Safe to use, but understand you are adopting a highly experimental tool with minimal community validation.
Claude Code skills for git workflows, GitHub automation, security audits, code refactoring, and project tooling
README.md
Skills
Powertools for Claude Code: git workflows, GitHub automation, code quality, and project tooling. Each skill ships with modular, independently editable rules for deep, opinionated guidance.
Why These Skills
- Modular rules architecture — Each skill ships with standalone rule files in
rules/directories. Rules can be added, removed, or edited independently without touching the main skill logic. - Opinionated audit workflows — Skills like
security,github-actions,tailwind, andrefactorproduce structured severity-graded reports, then auto-fix issues. - GitLeaks built in — The
commit,security, andsetupskills all enforce GitLeaks secret detection as a first-class concern. - Convention-aware — Skills detect your project's existing conventions (language variant, commit format, package manager, project structure) and adapt automatically.
Skills
Invoke any skill with /skill-name in Claude Code.
Git
| Skill | Description |
|---|---|
| commit | Clean git commits with conventional commit detection and GitLeaks secret scanning |
| create-branch | Create and checkout a branch with naming validation and GitHub issue linking |
GitHub
| Skill | Description |
|---|---|
| create-pr | Push branch and create a pull request with structured description and auto-assignment |
| github-issues | Create, update, query, and comment on GitHub issues with MCP |
| github-actions | Create and audit GitHub Actions workflows with SHA pinning, permissions, and caching checks |
Code Quality
| Skill | Description |
|---|---|
| refactor | Audit and refactor TypeScript/JavaScript code for dead code, deep nesting, type assertions, and design patterns |
| security | OWASP Top 10 security audit with GitLeaks secret detection and dependency vulnerability scanning |
| tailwind | Audit and fix Tailwind CSS v4 anti-patterns for spacing, 8px grid, mobile-first, and GPU animations |
| testing | Write and run tests with Vitest and React Testing Library for JS/TS projects |
Project
| Skill | Description |
|---|---|
| setup | Add Biome, Husky, commitlint, lint-staged, GitLeaks, and TypeScript to JS/TS projects |
| project-structure | Audit project directory structure for colocation, grouping, and anti-pattern detection |
| naming-format | Audit and fix filename and export naming conventions for consistency |
| update-project | Update and maintain CLAUDE.md, README.md, agents, skills, and rules to match current project state |
Installation
Skills
Install all skills:
pnpm dlx skills add tartinerlabs/skills
Install a single skill:
pnpm dlx skills add tartinerlabs/skills/commit
Install a subset for specific workflows:
# Git and GitHub workflow skills only
pnpm dlx skills add tartinerlabs/skills/commit
pnpm dlx skills add tartinerlabs/skills/create-branch
pnpm dlx skills add tartinerlabs/skills/create-pr
pnpm dlx skills add tartinerlabs/skills/github-issues
# Security-focused subset
pnpm dlx skills add tartinerlabs/skills/security
pnpm dlx skills add tartinerlabs/skills/commit
pnpm dlx skills add tartinerlabs/skills/setup
Context7
pnpm dlx ctx7 skills install /tartinerlabs/skills --all --universal
Architecture
Skills use a modular rules pattern. Each skill directory contains:
skills/<name>/
SKILL.md # Skill definition with frontmatter
rules/ # Independent, editable rule files
some-rule.md # Severity, examples, fix instructions
This means you can:
- Customise a rule's severity or examples without forking the skill
- Add project-specific rules by dropping a new
.mdfile inrules/ - Remove rules you disagree with
Skill Format
Each skill is a directory with a SKILL.md file following the Agent Skills spec.
License
MIT
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi