Add cross-tool positioning, Python helpers, tiers, and hygiene docs
Five improvements to position the library as a serious engineering project: 1. Cross-tool compatibility — new README "Works With" section honestly documenting where skills run (Claude Code natively; SKILL.md bodies port to other agents and chat LLMs as system prompts). 2. Python helper scripts (stdlib-only) for the three strongest skills: - sprint-planning: capacity_calculator.py (recommended commitment) - rice-prioritisation: rice_calculator.py (ranks, flags quick wins/moonshots) - cs-health-scorecard: health_score.py (weighted total + RAG) Each is wired into its SKILL.md and synced to the plugin copies. 3. Explicit skill tiering — TIERS.md + README section marking 46 Production-Ready skills and calling out Experimental (external-dependency) ones; everything else is Stable. 4. Repository hygiene — new CHANGELOG.md (Keep a Changelog format) and SKILL-AUTHORING-STANDARD.md; refreshed SECURITY.md version table and helper-script disclosure; added .gitignore. 5. Related Projects — README section linking to alirezarezvani/claude-skills and the major awesome-claude-skills / awesome-claude-code lists. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_016JWn5jRD5tcEFKrubjQ6Px
This commit is contained in:
+9
-4
@@ -10,9 +10,12 @@ That said, security matters here in two specific ways: **skill file safety** and
|
||||
|
||||
| Version | Supported |
|
||||
|---|---|
|
||||
| v4.0.0 (latest) | ✅ Active |
|
||||
| v3.0.0 | ✅ Security fixes only |
|
||||
| < v3.0.0 | ❌ No longer supported |
|
||||
| v14.x (latest) | ✅ Active |
|
||||
| v12.x – v13.x | ✅ Security fixes only |
|
||||
| < v12.0.0 | ❌ No longer supported |
|
||||
|
||||
Because skills are plain markdown, "support" means we review and correct any reported
|
||||
safety issue (prompt injection, unsafe instructions) in the listed versions.
|
||||
|
||||
## Skill File Safety
|
||||
|
||||
@@ -24,7 +27,9 @@ All skills in this repo are reviewed before merging to ensure they:
|
||||
- Do not contain malicious commands disguised as skill instructions
|
||||
- Do not include hardcoded credentials, API keys, or personally identifiable information
|
||||
|
||||
**If you are installing skills from this repo:** skills are plain text markdown files. They do not execute code, make network requests, or access your file system on their own. Review any skill file before installing if you have concerns.
|
||||
**If you are installing skills from this repo:** the skills themselves are plain markdown instruction files. They do not execute code, make network requests, or access your file system on their own. Review any skill file before installing if you have concerns.
|
||||
|
||||
**A few skills ship optional helper scripts** (in a `scripts/` folder, e.g. the sprint, RICE, and customer-health calculators). These are pure Python standard-library programs — no third-party dependencies, no network calls, no file writes outside what you pass them. They only run when you explicitly invoke them. Read any script before running it, exactly as you would any code from the internet.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
|
||||
Reference in New Issue
Block a user