starduster — GitHub Stars Catalog

Catalog your GitHub stars into a structured Obsidian vault with AI-synthesized summaries, normalized topics, graph-optimized wikilinks, and queryable index files.

Security Model

starduster processes untrusted content from GitHub repositories — descriptions, topics, and README files are user-generated and may contain prompt injection attempts. The skill uses a dual-agent content isolation pattern (same as kcap):

1. Main agent (privileged) — fetches metadata via gh CLI, writes files, orchestrates workflow
2. Synthesis sub-agent (sandboxed Explore type) — reads README content, classifies repos, returns structured JSON

Defense Layers

Layer 1 — Tool scoping: allowed-tools restricts Bash to specific gh api endpoints (/user/starred, /rate_limit, graphql), jq, and temp-dir management. No cat, no unrestricted gh api *, no ls.