Self-contained, skip-friendly lab starting points (#103)
Sync course wiki / sync-wiki (push) Successful in 5s
CI / check (push) Successful in 6s

Co-authored-by: claude <claude@jpaul.io>
Co-committed-by: claude <claude@jpaul.io>
This commit was merged in pull request #103.
This commit is contained in:
2026-06-23 18:24:36 -04:00
committed by Claude (agent)
parent 74f23534c0
commit 7f439212ac
85 changed files with 2724 additions and 0 deletions
@@ -195,6 +195,15 @@ skills different from any dependency you've shipped before:
## Hands-on lab
> **Starting point (this lab is skip-friendly).** This lab is self-contained and does not depend
> on the earlier labs. Its files live in `modules/22-securing-third-party-mcp-and-skills/lab/`. Copy them into a working folder
> and make a first commit so you start clean:
>
> ```bash
> cp -r ~/ai-workflow-course/modules/22-securing-third-party-mcp-and-skills/lab ~/ai-workflow-course/22-securing-third-party-mcp-and-skills-lab
> cd ~/ai-workflow-course/22-securing-third-party-mcp-and-skills-lab && git init -b main && git add -A && git commit -m "start: module 22"
> ```
**Lab language:** shell, with a small Python file to read. You'll audit a deliberately sketchy
third-party skill, run a static red-flag scan over it, then reproduce a prompt-injection attack
against the Module 1 `tasks-app` and apply the least-privilege mitigation.