scope-and-security
Community
Scope and security for safe agent workflows.
Author: j-mckerracher
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Defines clear boundaries for file access and action permissions in AI agent workflows, helping teams prevent accidental or intentional scope violations and secret exposure.
Core Features & Use Cases
- Artifact root and code repository scoping: Enforces separate artifact roots for workflow artifacts while restricting code modifications to designated agents.
- Forbidden file patterns: Prohibits modifying sensitive files such as .env, secrets, credentials, passwords, and common build artifacts like node_modules/, dist/, build/, as well as .git directories and lock files.
- Forbidden actions: Blocks HTTP requests to external URLs, direct credential access, installation of global packages, and system configuration changes.
- Secrets handling: Ensures secrets are never logged or echoed; references to secrets are made by name only and escalated if necessary.
- Scope creep prevention: Detects out-of-scope requests, stops changes, and documents the need for scope expansion.
Quick Start
Apply scope-and-security rules to an agent task by verifying artifact scope, forbidden patterns, and prohibited actions before making changes.
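One way to run the pre-change check described above, as an added example that is not the skill's own code. The pattern lists, the workspace-relative roots `artifacts` and `repo`, and the names `check_write` and `may_edit_code` are assumptions chosen to mirror the categories listed under Core Features.

```python
import fnmatch
import posixpath

# Assumed encodings of the page's forbidden categories; the skill's real list may differ.
FORBIDDEN_DIRS = {".git", "node_modules", "dist", "build"}
FORBIDDEN_NAMES = [".env", ".env.*", "*secret*", "*credential*", "*password*",
                   "*.lock", "package-lock.json"]

def _inside(norm, root):
    root = posixpath.normpath(root)
    return norm == root or norm.startswith(root + "/")

def check_write(path, artifact_root, repo_root, may_edit_code=False):
    """Return (allowed, reason) for a write an agent proposes.

    Paths are workspace-relative. The check is lexical only: it does not
    resolve symlinks, so resolve them first if the workspace may contain any.
    """
    # Normalise first so "artifacts/../repo/.env" cannot pass a prefix test.
    norm = posixpath.normpath(path)
    if posixpath.isabs(norm) or norm == ".." or norm.startswith("../"):
        return False, "path escapes workspace"
    parts = norm.split("/")
    for part in parts:
        if part in FORBIDDEN_DIRS:
            return False, "forbidden directory: " + part
        low = part.lower()
        if any(fnmatch.fnmatchcase(low, pat) for pat in FORBIDDEN_NAMES):
            return False, "forbidden pattern: " + part
    if _inside(norm, artifact_root):
        return True, "artifact root"
    if _inside(norm, repo_root):
        if may_edit_code:
            return True, "code repository (designated agent)"
        return False, "code changes are restricted to designated agents"
    # Out of scope: stop and record the need for scope expansion.
    return False, "out of scope: document scope expansion request"

if __name__ == "__main__":
    # Constructed sample requests.
    for p in ["artifacts/run1/report.md", "artifacts/../repo/.env",
              "repo/src/app.py", "repo/yarn.lock", "docs/readme.md"]:
        print(p, "->", check_write(p, "artifacts", "repo"))
```

Substring patterns such as `*secret*` also reject harmless names like `secret_scan_report.md`; that bias toward denial is deliberate in this sketch.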
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: scope-and-security
Download link: https://github.com/j-mckerracher/agent-research/archive/main.zip#scope-and-security
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.