Skillquality 0.47

type-tiered-bridge-command-gating

Gate bridge-executed slash commands by command type first: block local-jsx UI commands, allow prompt commands by construction, and require an explicit allowlist for plain local commands.

Price
free
Protocol
skill
Verified
no
Endpoint
https://skills.sh/ychampion/cskill-agents/type-tiered-bridge-command-gating

What it does

SKILL: Type Tiered Bridge Command Gating

Domain: command-architecture Trigger: Use when a remote or bridged client can invoke slash commands and you need a simple safety rule that separates text-expanding commands from local UI commands and plain local actions. Source Pattern: Distilled from reviewed remote-control, bridge transport, and capability-advertising implementations.

Core Method

Classify bridge safety by command type before inspecting individual command names. Treat local-jsx commands as unsafe by construction because they render local UI, treat prompt commands as safe by construction because they only expand into model text, and apply a narrow explicit allowlist only to plain local commands. This creates a three-tier gate where only one class needs per-command review, so remote/mobile surfaces stay predictable and new command types inherit the right default behavior.

Key Rules

  • Put the type check first so the bridge gate does not need ad hoc per-command exceptions for UI-rendering commands.
  • Block every local-jsx command by default; if a command depends on local Ink or terminal state, it should fail the bridge gate without consulting any allowlist.
  • Allow prompt commands by type, since their output is text passed back into the model flow rather than a local side effect.
  • Require explicit allowlist membership for plain local commands, making denial the default for any local command that has not been reviewed for remote execution.
  • Keep the allowlist static and easy to audit so adding a new remotely safe local command is an intentional registry change, not an incidental side effect of command loading.

Example Application

When a mobile client submits summary, model, and research, run the bridge gate on the resolved command objects. model is rejected immediately because it is local-jsx, research is admitted because it is prompt, and summary only passes if it appears in the reviewed local allowlist.

Anti-Patterns (What NOT to do)

  • Do not maintain one flat allowlist for every command type; that obscures why prompt commands are safe and makes UI commands easier to admit accidentally.
  • Do not treat plain local commands as safe by default just because they stream text; bridge safety requires explicit review.
  • Do not special-case individual local-jsx commands after the fact; the value of the pattern is that the type already encodes the unsafe class.

Capabilities

skillsource-ychampionskill-type-tiered-bridge-command-gatingtopic-agent-skillstopic-ai-agentstopic-clitopic-coding-agentstopic-context-engineeringtopic-developer-toolstopic-mcptopic-multi-agenttopic-terminal-ui

Install

Installnpx skills add ychampion/cskill-agents
Sourcehttps://github.com/ychampion/cskill-agents/tree/main/skills/type-tiered-bridge-command-gating
skills.shhttps://skills.sh/ychampion/cskill-agents/type-tiered-bridge-command-gating
Transportskills-sh
Protocolskill

Quality

0.47/ 1.00

deterministic score 0.47 from registry signals: · indexed on github topic:agent-skills · 34 github stars · SKILL.md body (2,452 chars)

Provenance

Indexed fromgithub
Enriched2026-04-22 00:56:58Z · deterministic:skill-github:v1 · v1
First seen2026-04-18
Last seen2026-04-22

Agent access

JSONhttps://clawmart.sh/api/listings/FN243x