ayrisdev/app-store-optimization
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement Phase 4 Security & Compliance (SOURCES.md, SECURITY.md) [skip ci]

Browse Source
This commit is contained in:
sck_0
2026-01-25 19:30:51 +01:00
parent d38e2eeab1
commit f28591e648
3 changed files with 310 additions and 265 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@@ -25,20 +25,14 @@ This repository provides essential skills to transform your AI assistant into a
## 📍 Table of Contents
- [🌌 Antigravity Awesome Skills: 251+ Agentic Skills for Claude Code, Gemini CLI, Cursor, Copilot \& More](#-antigravity-awesome-skills-251-agentic-skills-for-claude-code-gemini-cli-cursor-copilot--more)
- [🌌 Antigravity Awesome Skills](#-antigravity-awesome-skills-253-agentic-skills-for-claude-code-gemini-cli-cursor-copilot--more)
- [📍 Table of Contents](#-table-of-contents)
- [New Here? Start Here!](#new-here-start-here)
- [🔌 Compatibility](#-compatibility)
- [Features \& Categories](#features--categories)
- [Full Skill Registry (251/251)](#full-skill-registry-251251)
- [Installation](#installation)
- [How to Contribute](#how-to-contribute)
- [Credits \& Sources](#credits--sources)
- [Official Sources](#official-sources)
- [Community Contributors](#community-contributors)
- [Inspirations](#inspirations)
- [📦 Curated Collections](#-curated-collections)
- [Full Skill Registry](#full-skill-registry-253253)
- [Credits & Sources](#credits--sources)
- [License](#license)
- [🏷️ GitHub Topics](#-github-topics)
---
@@ -124,7 +118,7 @@ The repository is organized into several key areas of expertise:
> [!NOTE] > **Document Skills**: We provide both **community** and **official Anthropic** versions for DOCX, PDF, PPTX, and XLSX. Locally, the official versions are used by default (via symlinks). In the repository, both versions are available for flexibility.
| Skill Name | Risk | Description | Path |
| :--- | :--- | :--- | :--- |
| :-------------------------------------------------- | :--- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------------------------- |
| **2d-games** | ⚪ | 2D game development principles. Sprites, tilemaps, physics, camera. | `skills/game-development/2d-games` |
| **3d-games** | ⚪ | 3D game development principles. Rendering, shaders, physics, cameras. | `skills/game-development/3d-games` |
| **3d-web-experience** | ⚪ | Expert in building 3D experiences for the web - Three.js, React Three Fiber, Spline, WebGL, and interactive 3D scenes. Covers product configurators, 3D portfolios, immersive websites, and bringing depth to web experiences. Use when: 3D website, three.js, WebGL, react three fiber, 3D experience. | `skills/3d-web-experience` |
@@ -415,6 +409,17 @@ Please ensure your skill follows the Antigravity/Claude Code best practices.
## Credits & Sources
We stand on the shoulders of giants.
👉 **[View the Full Attribution Ledger](docs/SOURCES.md)**
Key contributors and sources include:
- **HackTricks**
- **OWASP**
- **Anthropic / OpenAI / Google**
- **The Open Source Community**
This collection would not be possible without the incredible work of the Claude Code community and official sources:
### Official Sources

19
SECURITY.md Normal file
View File

@@ -0,0 +1,19 @@
# Security Policy
## Supported Versions
We track the `main` branch.
## Reporting a Vulnerability
**DO NOT** open a public Issue for security exploits.
If you find a security vulnerability (e.g., a skill that bypasses the "Authorized Use Only" check or executes malicious code without warning):
1. Email: `security@antigravity.dev` (Placeholder)
2. Or open a **Private Advisory** on this repository.
## Offensive Skills Policy
Please read our [Security Guardrails](docs/SECURITY_GUARDRAILS.md).
All offensive skills are strictly for **authorized educational and professional use only**.

21
docs/SOURCES.md Normal file
View File

@@ -0,0 +1,21 @@
# 📜 Sources & Attributions
We believe in giving credit where credit is due.
If you recognize your work here and it is not properly attributed, please open an Issue.
| Skill / Category | Original Source | License | Notes |
| :-------------------------- | :----------------------------------------------------- | :------------- | :---------------------------- |
| `cloud-penetration-testing` | [HackTricks](https://book.hacktricks.xyz/) | MIT / CC-BY-SA | Adapted for agentic use. |
| `active-directory-attacks` | [HackTricks](https://book.hacktricks.xyz/) | MIT / CC-BY-SA | Adapted for agentic use. |
| `owasp-top-10` | [OWASP](https://owasp.org/) | CC-BY-SA | Methodology adapted. |
| `burp-suite-testing` | [PortSwigger](https://portswigger.net/burp) | N/A | Usage guide only (no binary). |
| `crewai` | [CrewAI](https://github.com/joaomdmoura/crewAI) | MIT | Framework guides. |
| `langgraph` | [LangGraph](https://github.com/langchain-ai/langgraph) | MIT | Framework guides. |
| `react-patterns` | [React Docs](https://react.dev/) | CC-BY | Official patterns. |
| **All Official Skills** | [Anthropic / Google / OpenAI] | Proprietary | Usage encouraged by vendors. |
## License Policy
- **Code**: All original code in this repository is **MIT**.
- **Content**: Documentation is **CC-BY-4.0**.
- **Third Party**: We respect the upstream licenses. If an imported skill is GPL, it will be marked clearly or excluded (we aim for MIT/Apache compatibility).