Scan Report
0 /100
gangjing (杠精)
A devil's advocate meta-skill for AI agents — provides structured frameworks to critique user decisions, challenge assumptions, and identify weaknesses in technical plans. Pure markdown documentation with no executable code.
This is a pure markdown meta-skill providing a structured framework for AI agents to critique user decisions (杠精/devil's advocate). No code, scripts, or binaries are present — only documentation describing conversational behavior patterns and theoretical attack frameworks.
Safe to install
This skill is safe to use. It contains no executable code, no sensitive file access, no network activity, and no credential harvesting. The referenced attack engine scripts (harness.py, harness.js, report_html.py) do not exist in this distribution and are only described as optional tools for a hypothetical 'complete repository version' — with documented fallback behavior when absent.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No read/write declarations; no scripts to perform I/O |
| Network | NONE | NONE | — | No curl/wget/requests/network calls; documentation-only |
| Shell | NONE | NONE | — | No subprocess/Popen/Command execution; pure markdown |
| Environment | NONE | NONE | — | No os.environ iteration; no credential access |
| Skill Invoke | NONE | NONE | — | Meta-skill for critique frameworks only |
| Clipboard | NONE | NONE | — | Not referenced anywhere |
| Browser | NONE | NONE | — | Not referenced anywhere |
| Database | NONE | NONE | — | Not referenced anywhere |
File Tree
8 files · 41.7 KB · 1193 lines Markdown 8f · 1193L
├─
▾
references
│ ├─
attack-dimensions.md
Markdown
│ ├─
intensity-calibration.md
Markdown
│ └─
tool-integration.md
Markdown
├─
▾
templates
│ └─
decision-autopsy.md
Markdown
├─
PROMO.md
Markdown
├─
README.md
Markdown
├─
SKILL.md
Markdown
└─
USAGE.md
Markdown
Security Positives
✓ No executable code — skill is 100% markdown documentation
✓ No sensitive file paths accessed (no ~/.ssh, ~/.aws, .env, etc.)
✓ No credential harvesting — no iteration through environment variables for keys
✓ No network egress — no curl/wget, no external IP connections
✓ No obfuscation — no base64, atob(), eval(), or encoded payloads
✓ All behavior is fully documented in SKILL.md — no hidden functionality
✓ Referenced attack engine scripts are absent but the absence is documented with a fallback path
✓ No supply chain risk — no dependencies, no package files
✓ No persistence mechanisms — no cron, startup hooks, or backdoor installation
✓ No prompt injection — no jailbreak instructions or hidden LLM manipulation