What kind of output does the auditor produce?

It generates JSON baseline metrics, Markdown gap reports, and a prioritized action plan including an executive summary and trend analysis.

How long does a full safety audit typically take?

A comprehensive audit using this skill typically takes between 1 and 3 hours, depending on the scope of the patterns being reviewed and the size of the test suite.

What is a Safety Pattern in this context?

A safety pattern is a specific rule or regex used to detect and block potentially dangerous terminal commands, such as accidental root deletions or improper argument ordering, before they are executed.

Can this skill identify platform-specific vulnerabilities?

Yes, the gap analyzer specifically looks for platform-specific command variants, such as identifying missing PowerShell or CMD equivalents for Unix-like commands.

Is this skill compatible with CI/CD pipelines?

Absolutely. The underlying scripts for baseline capture and gap analysis are designed to be integrated into automated workflows to act as a security gate for code merges.

Safety Pattern Auditor

Name: Safety Pattern Auditor
Author: wildcard

bywildcard

•

보안 및 테스팅

Conducts systematic audits of CLI safety patterns to identify security gaps, detect regressions, and generate actionable improvement reports.

소개

The Safety Pattern Auditor skill empowers developers to rigorously maintain the security layer of command-line tools by automating the detection of missing safety patterns and regression testing. It provides a structured 5-phase workflow—covering baseline capture, gap analysis, and priority assessment—to ensure that terminal commands remain safe from vulnerabilities like accidental deletions or malicious path variants. Ideal for pre-release QA gates and monthly security reviews, this skill translates complex pattern coverage metrics into clear, prioritized action plans and executive summaries.

주요 기능

Regression testing to ensure safety improvements don't introduce new vulnerabilities
Baseline capture for tracking safety metrics and coverage over time
23 GitHub stars
Automated gap analysis for argument order, path variants, and wildcard patterns
Detailed executive summary and trend analysis report generation
Severity-based priority assessment matrix for efficient triage

사용 사례

Post-incident analysis to strengthen patterns after a reported security issue
Pre-release QA gate to verify command safety before shipping updates
Periodic security reviews to identify and close emerging vulnerability gaps

소개

주요 기능

Regression testing to ensure safety improvements don't introduce new vulnerabilities
Baseline capture for tracking safety metrics and coverage over time
23 GitHub stars
Automated gap analysis for argument order, path variants, and wildcard patterns
Detailed executive summary and trend analysis report generation
Severity-based priority assessment matrix for efficient triage

사용 사례

Post-incident analysis to strengthen patterns after a reported security issue
Pre-release QA gate to verify command safety before shipping updates
Periodic security reviews to identify and close emerging vulnerability gaps