The Agent Skills Directory

[SAFE]: The skill implements a robust 'reproduce-diagnose-fix-verify' workflow that prioritizes validation through testing before applying changes.
[SAFE]: The reference files located in references/ contain snippets of vulnerable code (e.g., rm -rf / in nodejs-typescript.md or SQL injection in expressjs.md). These are explicitly labeled as 'BUG' patterns used for pattern matching and training the agent on what to identify and remediate. They do not constitute executable instructions or malicious payloads.
[SAFE]: Tool usage is restricted to a set of standard development utilities (Bash, Read, Write, Edit, Glob, Grep) within the context of the project being analyzed.
[SAFE]: The skill includes explicit guardrails to prevent common pitfalls, such as mixing refactors with bugfixes or weakening tests to pass fixes.

bugfix