This repository should contain only public-safe Markdown, HTML, YAML, and helper script content.
- API keys, tokens, passwords, OAuth credentials, private keys, or connection strings
- private transcripts, customer data, PHI, financial data, or raw logs
- private hostnames, live IPs, credential locations, or deployment-only details
- screenshots or artifacts that reveal secrets or private workspace state
If you find a secret, private-data leak, or unsafe example, please open a GitHub issue with the minimum necessary detail. Do not paste the secret itself into the issue. If the leak is sensitive, contact the maintainer privately first.
Run:
python3 scripts/validate_skill.pyThe validator performs structural checks and a lightweight secret/private-term scan. It is not a replacement for human review.