{"id":"3b7828eb-5f6a-45f2-a71c-707cf88e6950","shortId":"pvNsfr","kind":"skill","title":"safe-repo","tagline":"Check for sensitive data in repository. Use when user asks to \"check for sensitive data\", \"/safe-repo\", or wants to verify no company/credential data is in the repository. Use `--diff` mode to scope to staged + unstaged changes only (e.g., before commit). Don't use for general co","description":"# Safe Repository Check\n\n## Context\n\nSecurity audit for sensitive data in repository. Check for credentials, API keys, company-specific information, and PII.\n\n## Modes\n\n- **Default (full-scan)**: scans all git-tracked files plus history. Use for periodic audits or first-time repo review.\n- **`--diff`**: scans only staged + unstaged changes (`git diff` + `git diff --cached`). Use before commit or when called from `review` / `ship` workflows. Fast, no false positives from pre-existing files.\n\n## Workflow\n\n### Default (full-scan)\n\n1. Run `bash scripts/scan-secrets.sh` to scan all tracked files for credential patterns\n   (see [references/patterns.md](references/patterns.md) for full pattern list)\n2. Check for sensitive tracked files (.env, secrets)\n3. Analyze git history for removed secrets\n4. Review `.gitignore` for proper patterns\n5. Report findings (see [assets/report-template.md](assets/report-template.md))\n\n### `--diff` mode\n\n1. Compute changed files: `git diff --name-only HEAD` + `git diff --name-only --cached`\n2. Scan only those files against the credential patterns\n3. Skip history analysis (not relevant for in-flight changes)\n4. Report findings scoped to changed files only\n\n## Rules\n\n- **Only check git-tracked files** (`git ls-files`) - ignore local configs\n- Check current tracked files AND git history\n- Filter false positives: minified JS, node_modules, test fixtures, docs\n- Verify `.gitignore` covers sensitive patterns\n- Report tracked files with secrets and historical commits\n- Never output actual secret values in report\n\n## Error Handling\n\n- If `git ls-files` returns nothing → verify the current directory is a git repository; run `git status` to confirm\n- If git history scan is slow → limit to last 100 commits with `git log --oneline -100`\n- If false positives are high → cross-reference against patterns in [references/patterns.md](references/patterns.md) before reporting","tags":["safe","repo","agent","skills","helderberto","agent-skills","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli"],"capabilities":["skill","source-helderberto","skill-safe-repo","topic-agent-skills","topic-ai-tools","topic-antigravity","topic-claude-code","topic-cursor","topic-developer-tools","topic-gemini-cli","topic-markdown","topic-plugin","topic-sdlc","topic-skills","topic-tracer-bullet"],"categories":["agent-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/helderberto/agent-skills/safe-repo","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add helderberto/agent-skills","source_repo":"https://github.com/helderberto/agent-skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,911 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:14.612Z","embedding":null,"createdAt":"2026-05-18T13:14:54.877Z","updatedAt":"2026-05-18T19:09:14.612Z","lastSeenAt":"2026-05-18T19:09:14.612Z","tsv":"'-100':310 '/safe-repo':19 '1':130,178 '100':304 '2':149,194 '3':157,203 '4':164,214 '5':170 'actual':268 'analysi':206 'analyz':158 'api':64 'ask':13 'assets/report-template.md':174,175 'audit':55,88 'bash':132 'cach':105,193 'call':111 'chang':39,100,180,213,219 'check':4,15,52,61,150,224,236 'co':49 'commit':43,108,265,305 'compani':67 'company-specif':66 'company/credential':25 'comput':179 'config':235 'confirm':294 'context':53 'cover':255 'credenti':63,140,201 'cross':317 'cross-refer':316 'current':237,284 'data':7,18,26,58 'default':73,126 'diff':32,95,102,104,176,183,189 'directori':285 'doc':252 'e.g':41 'env':155 'error':273 'exist':123 'fals':118,244,312 'fast':116 'file':82,124,138,154,181,198,220,228,232,239,260,279 'filter':243 'find':172,216 'first':91 'first-tim':90 'fixtur':251 'flight':212 'full':75,128,146 'full-scan':74,127 'general':48 'git':80,101,103,159,182,188,226,229,241,276,288,291,296,307 'git-track':79,225 'gitignor':166,254 'handl':274 'head':187 'high':315 'histor':264 'histori':84,160,205,242,297 'ignor':233 'in-flight':210 'inform':69 'js':247 'key':65 'last':303 'limit':301 'list':148 'local':234 'log':308 'ls':231,278 'ls-file':230,277 'minifi':246 'mode':33,72,177 'modul':249 'name':185,191 'name-on':184,190 'never':266 'node':248 'noth':281 'onelin':309 'output':267 'pattern':141,147,169,202,257,320 'period':87 'pii':71 'plus':83 'posit':119,245,313 'pre':122 'pre-exist':121 'proper':168 'refer':318 'references/patterns.md':143,144,322,323 'relev':208 'remov':162 'repo':3,93 'report':171,215,258,272,325 'repositori':9,30,51,60,289 'return':280 'review':94,113,165 'rule':222 'run':131,290 'safe':2,50 'safe-repo':1 'scan':76,77,96,129,135,195,298 'scope':35,217 'scripts/scan-secrets.sh':133 'secret':156,163,262,269 'secur':54 'see':142,173 'sensit':6,17,57,152,256 'ship':114 'skill' 'skill-safe-repo' 'skip':204 'slow':300 'source-helderberto' 'specif':68 'stage':37,98 'status':292 'test':250 'time':92 'topic-agent-skills' 'topic-ai-tools' 'topic-antigravity' 'topic-claude-code' 'topic-cursor' 'topic-developer-tools' 'topic-gemini-cli' 'topic-markdown' 'topic-plugin' 'topic-sdlc' 'topic-skills' 'topic-tracer-bullet' 'track':81,137,153,227,238,259 'unstag':38,99 'use':10,31,46,85,106 'user':12 'valu':270 'verifi':23,253,282 'want':21 'workflow':115,125","prices":[{"id":"087d1ea1-4acd-4218-9fa3-b6138e95c452","listingId":"3b7828eb-5f6a-45f2-a71c-707cf88e6950","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"helderberto","category":"agent-skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:14:54.877Z"}],"sources":[{"listingId":"3b7828eb-5f6a-45f2-a71c-707cf88e6950","source":"github","sourceId":"helderberto/agent-skills/safe-repo","sourceUrl":"https://github.com/helderberto/agent-skills/tree/main/skills/safe-repo","isPrimary":false,"firstSeenAt":"2026-05-18T13:14:54.877Z","lastSeenAt":"2026-05-18T19:09:14.612Z"}],"details":{"listingId":"3b7828eb-5f6a-45f2-a71c-707cf88e6950","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"helderberto","slug":"safe-repo","github":{"repo":"helderberto/agent-skills","stars":8,"topics":["agent-skills","ai","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown","plugin","sdlc","skills","tracer-bullet"],"license":"mit","html_url":"https://github.com/helderberto/agent-skills","pushed_at":"2026-05-14T11:37:47Z","description":"My personal SDLC toolbelt for AI coding agents — PRD to ship.","skill_md_sha":"3eb431b6b697db10b1b82e2846790b203e38d249","skill_md_path":"skills/safe-repo/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/helderberto/agent-skills/tree/main/skills/safe-repo"},"layout":"multi","source":"github","category":"agent-skills","frontmatter":{"name":"safe-repo","description":"Check for sensitive data in repository. Use when user asks to \"check for sensitive data\", \"/safe-repo\", or wants to verify no company/credential data is in the repository. Use `--diff` mode to scope to staged + unstaged changes only (e.g., before commit). Don't use for general code review, adding .gitignore entries, or scanning non-git directories."},"skills_sh_url":"https://skills.sh/helderberto/agent-skills/safe-repo"},"updatedAt":"2026-05-18T19:09:14.612Z"}}