The skill's documentation and tasks match a legitimate 'skill maintenance' purpose, but it defines powerful operations (patching, emergency isolation, read/write to other skills) without enforceable authorization mechanisms or declared required permissions — verify how those privileges are actually enforced before installing.
评估建议
Before installing or enabling this skill, verify three things with your platform/admins: (1) Authorization enforcement — confirm the platform actually enforces the documented checks (CISO-001/CTO-001 signatures, caller identity) and that those values cannot be forged via task parameters. (2) Privilege scoping — confirm what 'L3' read/write access means in practice, which directories the skill may modify, and that the skill cannot modify other skills or system files outside an approved scope with...
详细分析 ▾
ℹ用途与能力
The name/description and SKILL.md content are coherent: this is a maintainer workflow for updating, patching, auditing, deprecating skills. However the SKILL.md asserts a minimum privilege level (L3: read/write skills directory, isolated sessions) and operational capabilities (isolate other skills, apply security patches) that are not reflected in the registry metadata (no required config paths, no declared permissions). Confirm the platform will grant and constrain those privileges appropriately.
ℹ指令范围
The instructions define a task-oriented API (diagnose, patch, security-patch, emergency-isolate, dependency-audit, health-check). They do not directly instruct reading arbitrary host files or exporting secrets, but they explicitly assume the agent will modify other skills' files and perform isolation actions. The SKILL.md describes authorization checks (CISO-001/CTO-001) in prose/pseudocode only — there is no executable enforcement in the bundle. That reliance on out-of-band enforcement is a risk if the platform does not implement the described checks.
✓安装机制
Instruction-only skill with no install spec and no code files. Lowest installation risk since nothing is written or executed by default from this package.
ℹ凭证需求
The skill requests no environment variables or credentials (good). At the same time it expects the ability to read/write skills and to perform isolations. This implicit requirement for elevated access is disproportionate to what the package declares. Make sure the platform's permission model (L3) is required and cannot be spoofed by passing crafted task params (caller, authorization).
⚠持久化与权限
always:false and model invocation are default — not automatically dangerous. The concern is that the skill describes high-impact actions (emergency-isolate other skills, apply security patches, deprecate skills). If the platform allows agents to invoke this skill autonomously and does not strictly enforce the documented authorization checks, an attacker or misconfigured agent could cause denial-of-service (isolating skills) or unauthorized changes. The SKILL.md relies on caller identity strings (e.g., CISO-001) and isolated session semantics; these must be enforced by the platform.
安全有层次,运行前请审查代码。
运行时依赖
🖥️ OSLinux · macOS · Windows
版本
latestv1.0.02026/4/19
ai-skill-maintainer 1.1.0 introduces a comprehensive CTO+CISO skill maintenance workflow and new inter-agent interface.
- Added strict process and schema for skill version management, bug fixes, enhancements, dependency/security patching, and deprecation governance, integrating both CTO (semver, changelog, rollback) and CISO (SLA, patch, emergency response) standards.
- Defined a structured Inter-Agent API with new task types (diagnose, patch, security-patch, deprecate, emergency-isolate, health-check, dependency-audit), parameters, return schemas, and strict authorization rules.
- Enhanced security requirements: enforced agent isolation, privilege checks, CVE emergency channel, parameter validation, and error codes for SLA/compliance monitoring.
- Provided detailed workflow documentation for maintenance scenarios, step-by-step execution checklists, and reporting formats for traceability and audit alignment.
- Clarified agent roles, boundary of responsibilities, and allowed interactions with other skills within the platform.
by