agent-history-hygiene

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a defensive utility intended to enhance project security. Its operations are transparent, documented, and aligned with its stated purpose of preventing secret leaks.
  • [COMMAND_EXECUTION]: The skill uses shell scripts (bootstrap-project.sh, scan-staged.sh, stage-agent-artifacts.sh) and Python scripts (redact_secrets.py) to wrap standard git and gitleaks commands. These executions are legitimately required for managing git hooks and performing local file scans. Static analysis findings for subprocess.run calls in the Python scripts are verified as safe usage of list-based command execution (not using shell=True).
  • [EXTERNAL_DOWNLOADS]: The bootstrap process optionally downloads and installs pre-commit via uvx and references official repositories for gitleaks and pre-commit-hooks. These sources are well-known, trusted developer services and are appropriate for the tool's functionality.
  • [CREDENTIALS_UNSAFE]: While the skill's test fixtures (tests/fixtures/) contain strings that resemble API keys (e.g., real_openai.md, real_anthropic.md), these are explicitly provided for the purpose of verifying that the scanning and redaction logic works correctly. They do not represent an actual credential leak or unsafe storage of operational secrets.
  • [DATA_EXPOSURE]: The skill accesses project-specific directories such as .claude/plans, .specstory/history, and ~/.claude/projects/ to locate agent transcripts for scanning and redaction. This access is scoped correctly to its primary function and does not involve exfiltration of data to external or untrusted domains.
  • [PERSISTENCE]: The skill provides an optional --install-hook flag in its bootstrap script to create a prepare-commit-msg git hook. This hook automates the staging of agent artifacts on every commit. This behavior is standard for development tools of this type and is clearly disclosed to the user.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 11:55 PM