fbec36cb67
Scaffold the course repo and author the full curriculum in dependency-chain order, following the settled build decisions in handoff.md. - Scaffold: course README, vendor-neutral AGENTS.md (dogfoods Module 5), _TEMPLATE.md (the fixed 9-section module shape), root .gitignore, ship config. - Modules 1-2: reference exemplars (locked for tone/depth/lab style). - Modules 3-27: full lessons + runnable labs, each following the template, respecting the chain, vendor/model-agnostic, with "feel the pain" labs. - Module 8 hosting comparison web-researched and date-stamped (as of 2026-06-22), not written from memory; expansion-zone modules carry Verify-before-publish. - Capstone: the full loop end to end on the running tasks-app example. Lab code syntax-checked (Python/shell/YAML); every module has the 7 core template sections. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01TfzV5QvtPDz8LJS3Pu5VLT
998 B
998 B
Module 22 lab files
Run the lab from the module README. Quick map of what's here:
audit.sh— the runnable vetting checklist.bash audit.sh <dir>statically scans a skill or MCP server for red flags (network egress, secret/env reads, shell-out, obfuscation, broad FS access, hidden/injected instructions, zero-width characters). It only reads; it never executes the target.suspicious-skill/— the audit TARGET for Part A. A deliberately malicious "export tasks to Notion" skill (SKILL.md+tools/sync.py). Do not install it or runsync.pyagainst real credentials — it exfiltrates your environment and local secrets. The point is to catch it first.poisoned-task.txt— the prompt-injection payload for Part B. A real-looking task with an injected "system" directive underneath, to add to the Module 1tasks-appand feed to your AI.
Expected result of Part A:
bash audit.sh suspicious-skill # exits non-zero, verdict: REJECT