{"id":"69b8928d-5fc6-487d-84ed-9260f8e43f13","shortId":"47zPP8","kind":"skill","title":"sharp-edges","tagline":"sharp-edges","description":"---\nname: sharp-edges\ndescription: \"Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by...\n---\n\n# Sharp Edges Analysis\n\nEvaluates whether APIs, configurations, and interfaces are resistant to developer misuse. Identifies designs where the \"easy path\" leads to insecurity.\n\n## When to Use\n- Reviewing API or library design decisions\n- Auditing configuration schemas for dangerous options\n- Evaluating cryptographic API ergonomics\n- Assessing authentication/authorization interfaces\n- Reviewing any code that exposes security-relevant choices to developers\n\n## When NOT to Use\n\n- Implementation bugs (use standard code review)\n- Business logic flaws (use domain-specific analysis)\n- Performance optimization (different concern)\n\n## Core Principle\n\n**The pit of success**: Secure usage should be the path of least resistance. If developers must understand cryptography, read documentation carefully, or remember special rules to avoid vulnerabilities, the API has failed.\n\n## Rationalizations to Reject\n\n| Rationalization | Why It's Wrong | Required Action |\n|-----------------|----------------|-----------------|\n| \"It's documented\" | Developers don't read docs under deadline pressure | Make the secure choice the default or only option |\n| \"Advanced users need flexibility\" | Flexibility creates footguns; most \"advanced\" usage is copy-paste | Provide safe high-level APIs; hide primitives |\n| \"It's the developer's responsibility\" | Blame-shifting; you designed the footgun | Remove the footgun or make it impossible to misuse |\n| \"Nobody would actually do that\" | Developers do everything imaginable under pressure | Assume maximum developer confusion |\n| \"It's just a configuration option\" | Config is code; wrong configs ship to production | Validate configs; reject dangerous combinations |\n| \"We need backwards compatibility\" | Insecure defaults can't be grandfather-claused | Deprecate loudly; force migration |\n\n## Sharp Edge Categories\n\n### 1. Algorithm/Mode Selection Footguns\n\nAPIs that let developers choose algorithms invite choosing wrong ones.\n\n**The JWT Pattern** (canonical example):\n- Header specifies algorithm: attacker can set `\"alg\": \"none\"` to bypass signatures\n- Algorithm confusion: RSA public key used as HMAC secret when switching RS256→HS256\n- Root cause: Letting untrusted input control security-critical decisions\n\n**Detection patterns:**\n- Function parameters like `algorithm`, `mode`, `cipher`, `hash_type`\n- Enums/strings selecting cryptographic primitives\n- Configuration options for security mechanisms\n\n**Example - PHP password_hash allowing weak algorithms:**\n```php\n// DANGEROUS: allows crc32, md5, sha1\npassword_hash($password, PASSWORD_DEFAULT); // Good - no choice\nhash($algorithm, $password); // BAD: accepts \"crc32\"\n```\n\n### 2. Dangerous Defaults\n\nDefaults that are insecure, or zero/empty values that disable security.\n\n**The OTP Lifetime Pattern:**\n```python\n# What happens when lifetime=0?\ndef verify_otp(code, lifetime=300):  # 300 seconds default\n    if lifetime == 0:\n        return True  # OOPS: 0 means \"accept all\"?\n        # Or does it mean \"expired immediately\"?\n```\n\n**Detection patterns:**\n- Timeouts/lifetimes that accept 0 (infinite? immediate expiry?)\n- Empty strings that bypass checks\n- Null values that skip validation\n- Boolean defaults that disable security features\n- Negative values with undefined semantics\n\n**Questions to ask:**\n- What happens with `timeout=0`? `max_attempts=0`? `key=\"\"`?\n- Is the default the most secure option?\n- Can any default value disable security entirely?\n\n### 3. Primitive vs. Semantic APIs\n\nAPIs that expose raw bytes instead of meaningful types invite type confusion.\n\n**The Libsodium vs. Halite Pattern:**\n\n```php\n// Libsodium (primitives): bytes are bytes\nsodium_crypto_box($message, $nonce, $keypair);\n// Easy to: swap nonce/keypair, reuse nonces, use wrong key type\n\n// Halite (semantic): types enforce correct usage\nCrypto::seal($message, new EncryptionPublicKey($key));\n// Wrong key type = type error, not silent failure\n```\n\n**Detection patterns:**\n- Functions taking `bytes`, `string`, `[]byte` for distinct security concepts\n- Parameters that could be swapped without type errors\n- Same type used for keys, nonces, ciphertexts, signatures\n\n**The comparison footgun:**\n```go\n// Timing-safe comparison looks identical to unsafe\nif hmac == expected { }           // BAD: timing attack\nif hmac.Equal(mac, expected) { }  // Good: constant-time\n// Same types, different security properties\n```\n\n### 4. Configuration Cliffs\n\nOne wrong setting creates catastrophic failure, with no warning.\n\n**Detection patterns:**\n- Boolean flags that disable security entirely\n- String configs that aren't validated\n- Combinations of settings that interact dangerously\n- Environment variables that override security settings\n- Constructor parameters with sensible defaults but no validation (callers can override with insecure values)\n\n**Examples:**\n```yaml\n# One typo = disaster\nverify_ssl: fasle  # Typo silently accepted as truthy?\n\n# Magic values\nsession_timeout: -1  # Does this mean \"never expire\"?\n\n# Dangerous combinations accepted silently\nauth_required: true\nbypass_auth_for_health_checks: true\nhealth_check_path: \"/\"  # Oops\n```\n\n```php\n// Sensible default doesn't protect against bad callers\npublic function __construct(\n    public string $hashAlgo = 'sha256',  // Good default...\n    public int $otpLifetime = 120,       // ...but accepts md5, 0, etc.\n) {}\n```\n\nSee config-patterns.md for detailed patterns.\n\n### 5. Silent Failures\n\nErrors that don't surface, or success that masks failure.\n\n**Detection patterns:**\n- Functions returning booleans instead of throwing on security failures\n- Empty catch blocks around security operations\n- Default values substituted on parse errors\n- Verification functions that \"succeed\" on malformed input\n\n**Examples:**\n```python\n# Silent bypass\ndef verify_signature(sig, data, key):\n    if not key:\n        return True  # No key = skip verification?!\n\n# Return value ignored\nsignature.verify(data, sig)  # Throws on failure\ncrypto.verify(data, sig)     # Returns False on failure\n# Developer forgets to check return value\n```\n\n### 6. Stringly-Typed Security\n\nSecurity-critical values as plain strings enable injection and confusion.\n\n**Detection patterns:**\n- SQL/commands built from string concatenation\n- Permissions as comma-separated strings\n- Roles/scopes as arbitrary strings instead of enums\n- URLs constructed by joining strings\n\n**The permission accumulation footgun:**\n```python\npermissions = \"read,write\"\npermissions += \",admin\"  # Too easy to escalate\n\n# vs. type-safe\npermissions = {Permission.READ, Permission.WRITE}\npermissions.add(Permission.ADMIN)  # At least it's explicit\n```\n\n## Analysis Workflow\n\n### Phase 1: Surface Identification\n\n1. **Map security-relevant APIs**: authentication, authorization, cryptography, session management, input validation\n2. **Identify developer choice points**: Where can developers select algorithms, configure timeouts, choose modes?\n3. **Find configuration schemas**: Environment variables, config files, constructor parameters\n\n### Phase 2: Edge Case Probing\n\nFor each choice point, ask:\n- **Zero/empty/null**: What happens with `0`, `\"\"`, `null`, `[]`?\n- **Negative values**: What does `-1` mean? Infinite? Error?\n- **Type confusion**: Can different security concepts be swapped?\n- **Default values**: Is the default secure? Is it documented?\n- **Error paths**: What happens on invalid input? Silent acceptance?\n\n### Phase 3: Threat Modeling\n\nConsider three adversaries:\n\n1. **The Scoundrel**: Actively malicious developer or attacker controlling config\n   - Can they disable security via configuration?\n   - Can they downgrade algorithms?\n   - Can they inject malicious values?\n\n2. **The Lazy Developer**: Copy-pastes examples, skips documentation\n   - Will the first example they find be secure?\n   - Is the path of least resistance secure?\n   - Do error messages guide toward secure usage?\n\n3. **The Confused Developer**: Misunderstands the API\n   - Can they swap parameters without type errors?\n   - Can they use the wrong key/algorithm/mode by accident?\n   - Are failure modes obvious or silent?\n\n### Phase 4: Validate Findings\n\nFor each identified sharp edge:\n\n1. **Reproduce the misuse**: Write minimal code demonstrating the footgun\n2. **Verify exploitability**: Does the misuse create a real vulnerability?\n3. **Check documentation**: Is the danger documented? (Documentation doesn't excuse bad design, but affects severity)\n4. **Test mitigations**: Can the API be used safely with reasonable effort?\n\nIf a finding seems questionable, return to Phase 2 and probe more edge cases.\n\n## Severity Classification\n\n| Severity | Criteria | Examples |\n|----------|----------|----------|\n| Critical | Default or obvious usage is insecure | `verify: false` default; empty password allowed |\n| High | Easy misconfiguration breaks security | Algorithm parameter accepts \"none\" |\n| Medium | Unusual but possible misconfiguration | Negative timeout has unexpected meaning |\n| Low | Requires deliberate misuse | Obscure parameter combination |\n\n## References\n\n**By category:**\n\n- **Cryptographic APIs**: See references/crypto-apis.md\n- **Configuration Patterns**: See references/config-patterns.md\n- **Authentication/Session**: See references/auth-patterns.md\n- **Real-World Case Studies**: See references/case-studies.md (OpenSSL, GMP, etc.)\n\n**By language** (general footguns, not crypto-specific):\n\n| Language | Guide |\n|----------|-------|\n| C/C++ | references/lang-c.md |\n| Go | references/lang-go.md |\n| Rust | references/lang-rust.md |\n| Swift | references/lang-swift.md |\n| Java | references/lang-java.md |\n| Kotlin | references/lang-kotlin.md |\n| C# | references/lang-csharp.md |\n| PHP | references/lang-php.md |\n| JavaScript/TypeScript | references/lang-javascript.md |\n| Python | references/lang-python.md |\n| Ruby | references/lang-ruby.md |\n\nSee also references/language-specific.md for a combined quick reference.\n\n## Quality Checklist\n\nBefore concluding analysis:\n\n- [ ] Probed all zero/empty/null edge cases\n- [ ] Verified defaults are secure\n- [ ] Checked for algorithm/mode selection footguns\n- [ ] Tested type confusion between security concepts\n- [ ] Considered all three adversary types\n- [ ] Verified error paths don't bypass security\n- [ ] Checked configuration validation\n- [ ] Constructor params validated (not just defaulted) - see config-patterns.md\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["sharp","edges","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-sharp-edges","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/sharp-edges","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34515 github stars · SKILL.md body (10,967 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T12:51:45.591Z","embedding":null,"createdAt":"2026-04-18T21:44:48.326Z","updatedAt":"2026-04-22T12:51:45.591Z","lastSeenAt":"2026-04-22T12:51:45.591Z","tsv":"'-1':676,947 '0':403,415,419,434,466,469,724,941 '1':282,887,890,984,1078 '120':720 '2':381,903,928,1009,1088,1134 '3':485,917,978,1041,1098 '300':409,410 '4':607,1070,1114 '5':731 '6':815 'accept':379,421,433,669,684,722,976,1165 'accid':1062 'accumul':858 'action':164 'activ':987 'actual':231 'admin':865 'advanc':185,193 'adversari':983,1276 'affect':1112 'alg':307 'algorithm':291,303,312,340,360,376,912,1003,1163 'algorithm/mode':283,1264 'allow':358,363,1157 'also':1241 'analysi':45,116,884,1252 'api':16,29,48,70,83,152,204,286,489,490,895,1047,1119,1188 'arbitrari':846 'aren':630 'around':758 'ask':461,936,1329 'assess':85 'assum':240 'attack':304,593,991 'attempt':468 'audit':75 'auth':686,690 'authent':896 'authentication/authorization':86 'authentication/session':1195 'author':897 'avoid':149 'backward':265 'bad':378,591,706,1109 'blame':214 'blame-shift':213 'block':757 'boolean':448,621,748 'boundari':1337 'box':515 'break':1161 'bug':104 'built':834 'busi':109 'bypass':310,441,689,777,1283 'byte':494,510,512,553,555 'c':1230 'c/c':1218 'caller':653,707 'canon':299 'care':143 'case':930,1139,1201,1257 'catastroph':614 'catch':756 'categori':281,1186 'caus':326 'check':442,693,696,812,1099,1262,1285 'checklist':1249 'choic':96,179,374,906,934 'choos':290,293,915 'cipher':342 'ciphertext':574 'clarif':1331 'classif':1141 'claus':274 'clear':1304 'cliff':609 'code':39,90,107,252,407,1084 'combin':262,633,683,1183,1245 'comma':841 'comma-separ':840 'comparison':577,583 'compat':266 'concaten':837 'concept':559,956,1272 'concern':120 'conclud':1251 'config':250,254,259,628,923,993 'config-patterns.md':727,1295 'configur':18,31,49,76,248,349,608,913,919,999,1191,1286 'confus':243,313,501,830,952,1043,1269 'consid':981,1273 'constant':600 'constant-tim':599 'construct':710,852 'constructor':645,925,1288 'control':330,992 'copi':197,1014 'copy-past':196,1013 'core':121 'correct':533 'could':562 'crc32':364,380 'creat':190,613,1094 'criteria':1143,1340 'critic':333,822,1145 'crypto':514,535,1214 'crypto-specif':1213 'crypto.verify':802 'cryptograph':33,82,347,1187 'cryptographi':140,898 'danger':17,79,261,362,382,638,682,1103 'data':782,797,803 'deadlin':174 'decis':74,334 'def':404,778 'default':181,268,371,383,384,412,449,473,480,649,701,716,761,959,963,1146,1154,1259,1293 'deliber':1179 'demonstr':1085 'deprec':275 'describ':1308 'descript':11 'design':21,30,58,73,217,1110 'detail':729 'detect':335,429,549,619,744,831 'develop':55,98,137,168,210,234,242,289,809,905,910,989,1012,1044 'differ':119,604,954 'disabl':392,451,482,624,996 'disast':663 'distinct':557 'doc':172 'document':142,167,967,1018,1100,1104,1105 'doesn':702,1106 'domain':114 'domain-specif':113 'downgrad':1002 'easi':61,519,867,1159 'edg':3,6,10,44,280,929,1077,1138,1256 'effort':1125 'empti':438,755,1155 'enabl':23,827 'encryptionpublickey':539 'enforc':532 'entir':484,626 'enum':850 'enums/strings':345 'environ':639,921,1320 'environment-specif':1319 'ergonom':35,84 'error':14,545,567,734,766,950,968,1035,1054,1279 'error-pron':13 'escal':869 'etc':725,1207 'evalu':37,46,81 'everyth':236 'exampl':300,354,659,774,1016,1022,1144 'excus':1108 'expect':590,597 'expert':1325 'expir':427,681 'expiri':437 'explicit':883 'exploit':1090 'expos':92,492 'fail':154 'failur':548,615,733,743,754,801,808,1064 'fals':806,1153 'fasl':666 'featur':453 'file':924 'find':918,1024,1072,1128 'first':1021 'flag':622 'flaw':111 'flexibl':188,189 'follow':40 'footgun':20,191,219,222,285,578,859,1087,1211,1266 'forc':277 'forget':810 'function':337,551,709,746,768 'general':1210 'gmp':1206 'go':579,1220 'good':372,598,715 'grandfath':273 'grandfather-claus':272 'guid':1037,1217 'halit':505,529 'happen':400,463,939,971 'hash':343,357,368,375 'hashalgo':713 'header':301 'health':692,695 'hide':205 'high':202,1158 'high-level':201 'hmac':319,589 'hmac.equal':595 'hs256':324 'ident':585 'identif':889 'identifi':12,57,904,1075 'ignor':795 'imagin':237 'immedi':428,436 'implement':103 'imposs':226 'infinit':435,949 'inject':828,1006 'input':329,773,901,974,1334 'insecur':65,267,387,657,1151 'instead':495,749,848 'int':718 'interact':637 'interfac':51,87 'invalid':973 'invit':292,499 'java':1226 'javascript/typescript':1234 'join':854 'jwt':297 'key':316,470,527,540,542,572,783,786,790 'key/algorithm/mode':1060 'keypair':518 'kotlin':1228 'languag':1209,1216 'lazi':1011 'lead':63 'least':134,880,1031 'let':288,327 'level':203 'librari':34,72 'libsodium':503,508 'lifetim':396,402,408,414 'like':339 'limit':1296 'logic':110 'look':584 'loud':276 'low':1177 'mac':596 'magic':672 'make':176,224 'malform':772 'malici':988,1007 'manag':900 'map':891 'mask':742 'match':1305 'max':467 'maximum':241 'md5':365,723 'mean':420,426,679,948,1176 'meaning':497 'mechan':353 'medium':1167 'messag':516,537,1036 'migrat':278 'minim':1083 'misconfigur':1160,1171 'miss':1342 'mistak':25 'misunderstand':1045 'misus':56,228,1081,1093,1180 'mitig':1116 'mode':341,916,1065 'model':980 'must':138 'name':7 'need':187,264 'negat':454,943,1172 'never':680 'new':538 'nobodi':229 'nonc':517,524,573 'nonce/keypair':522 'none':308,1166 'null':443,942 'obscur':1181 'obvious':1066,1148 'one':295,610,661 'oop':418,698 'openssl':1205 'oper':760 'optim':118 'option':80,184,249,350,477 'otp':395,406 'otplifetim':719 'output':1314 'overrid':642,655 'param':1289 'paramet':338,560,646,926,1051,1164,1182 'pars':765 'password':356,367,369,370,377,1156 'past':198,1015 'path':62,132,697,969,1029,1280 'pattern':298,336,397,430,506,550,620,730,745,832,1192 'perform':117 'permiss':838,857,861,864,874,1335 'permission.admin':878 'permission.read':875 'permission.write':876 'permissions.add':877 'phase':886,927,977,1069,1133 'php':355,361,507,699,1232 'pit':124 'plain':825 'point':907,935 'possibl':1170 'pressur':175,239 'primit':206,348,486,509 'principl':122 'probe':931,1136,1253 'product':257 'prone':15 'properti':606 'protect':704 'provid':199 'public':315,708,711,717 'python':398,775,860,1236 'qualiti':1248 'question':459,1130 'quick':1246 'ration':155,158 'raw':493 'read':141,171,862 'real':1096,1199 'real-world':1198 'reason':1124 'refer':1184,1247 'references/auth-patterns.md':1197 'references/case-studies.md':1204 'references/config-patterns.md':1194 'references/crypto-apis.md':1190 'references/lang-c.md':1219 'references/lang-csharp.md':1231 'references/lang-go.md':1221 'references/lang-java.md':1227 'references/lang-javascript.md':1235 'references/lang-kotlin.md':1229 'references/lang-php.md':1233 'references/lang-python.md':1237 'references/lang-ruby.md':1239 'references/lang-rust.md':1223 'references/lang-swift.md':1225 'references/language-specific.md':1242 'reject':157,260 'relev':95,894 'rememb':145 'remov':220 'reproduc':1079 'requir':163,687,1178,1333 'resist':53,135,1032 'respons':212 'return':416,747,787,793,805,813,1131 'reus':523 'review':28,69,88,108,1326 'roles/scopes':844 'root':325 'rs256':323 'rsa':314 'rubi':1238 'rule':147 'rust':1222 'safe':200,582,873,1122 'safeti':1336 'schema':32,77,920 'scope':1307 'scoundrel':986 'seal':536 'second':411 'secret':320 'secur':24,41,94,127,178,332,352,393,452,476,483,558,605,625,643,753,759,819,821,893,955,964,997,1026,1033,1039,1162,1261,1271,1284 'security-crit':331,820 'security-relev':93,892 'see':726,1189,1193,1196,1203,1240,1294 'seem':1129 'select':284,346,911,1265 'semant':458,488,530 'sensibl':648,700 'separ':842 'session':674,899 'set':306,612,635,644 'sever':1113,1140,1142 'sha1':366 'sha256':714 'sharp':2,5,9,43,279,1076 'sharp-edg':1,4,8 'shift':215 'ship':255 'sig':781,798,804 'signatur':311,575,780 'signature.verify':796 'silent':547,668,685,732,776,975,1068 'skill':1299 'skill-sharp-edges' 'skip':446,791,1017 'sodium':513 'source-sickn33' 'special':146 'specif':115,1215,1321 'specifi':302 'sql/commands':833 'ssl':665 'standard':106 'stop':1327 'string':439,554,627,712,817,826,836,843,847,855 'stringly-typ':816 'studi':1202 'substitut':763,1317 'succeed':770 'success':126,740,1339 'surfac':738,888 'swap':521,564,958,1050 'swift':1224 'switch':322 'take':552 'task':1303 'test':1115,1267,1323 'threat':979 'three':982,1275 'throw':751,799 'time':581,592,601 'timeout':465,675,914,1173 'timeouts/lifetimes':431 'timing-saf':580 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'toward':1038 'treat':1312 'true':417,688,694,788 'truthi':671 'type':344,498,500,528,531,543,544,566,569,603,818,872,951,1053,1268,1277 'type-saf':871 'typo':662,667 'undefin':457 'understand':139 'unexpect':1175 'unsaf':587 'untrust':328 'unusu':1168 'url':851 'usag':128,194,534,1040,1149 'use':26,68,102,105,112,317,525,570,1057,1121,1297 'user':186 'valid':258,447,632,652,902,1071,1287,1290,1322 'valu':390,444,455,481,658,673,762,794,814,823,944,960,1008 'variabl':640,922 'verif':767,792 'verifi':405,664,779,1089,1152,1258,1278 'via':998 'vs':487,504,870 'vulner':150,1097 'warn':618 'weak':359 'whether':38,47 'without':565,1052 'workflow':885 'world':1200 'would':230 'write':863,1082 'wrong':162,253,294,526,541,611,1059 'yaml':660 'zero/empty':389 'zero/empty/null':937,1255","prices":[{"id":"d2207822-4743-4bed-b56b-b45b095fc940","listingId":"69b8928d-5fc6-487d-84ed-9260f8e43f13","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:44:48.326Z"}],"sources":[{"listingId":"69b8928d-5fc6-487d-84ed-9260f8e43f13","source":"github","sourceId":"sickn33/antigravity-awesome-skills/sharp-edges","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/sharp-edges","isPrimary":false,"firstSeenAt":"2026-04-18T21:44:48.326Z","lastSeenAt":"2026-04-22T12:51:45.591Z"}],"details":{"listingId":"69b8928d-5fc6-487d-84ed-9260f8e43f13","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"sharp-edges","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34515,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"987b5c96f6cfaec2b63f111841a28d62ca781c9f","skill_md_path":"skills/sharp-edges/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/sharp-edges"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"sharp-edges","description":"sharp-edges"},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/sharp-edges"},"updatedAt":"2026-04-22T12:51:45.591Z"}}