chrbailey
@chrbailey
Public Skills
preventing-agent-overreach
by chrbailey
Scope guard that prevents AI agents from exceeding task boundaries. Enforces the principle of minimal action: do exactly what was asked, nothing more. Use when delegating tasks to AI agents, when an agent starts modifying files beyond the original request, or when generated code includes unnecessary abstractions, features, or refactoring.
securing-ai-generated-code
by chrbailey
Reviews AI-generated code for security vulnerabilities before commit. Checks for injection flaws, privilege escalation, hardcoded secrets, insecure defaults, and missing input validation. Use when reviewing code written by AI coding agents, after code generation, or before committing AI-assisted changes.
governing-destructive-operations
by chrbailey
Pre-execution safety gate for destructive commands. Requires explicit confirmation before rm -rf, git push --force, DROP TABLE, database migrations, API deletes, and other irreversible operations. Use when an AI agent is about to execute a command that could cause data loss, overwrite work, or affect production systems.
managing-agent-secrets
by chrbailey
Prevents AI agents from exposing secrets, API keys, and credentials. Enforces rules for handling .env files, environment variables, and sensitive configuration. Use when working with environment variables, API keys, database credentials, or any sensitive configuration that AI agents might accidentally log, commit, or expose.
validating-agent-claims
by chrbailey
Epistemic verification framework for AI-generated assertions. Requires evidence before acting on LLM claims about code behavior, system state, API responses, or factual statements. Use when an AI agent makes claims that will drive decisions, before acting on research results, or when an agent asserts something is true without showing evidence.