If you discover a security vulnerability, please report it by emailing fullerbt@users.noreply.github.com.

Do not open a public issue for security vulnerabilities.

This repository contains Claude Code plugins (prompts, skills, agents). These are text-based configuration files that instruct Claude how to behave.

In scope:

• Prompt injection vulnerabilities in skill/agent definitions
• Unsafe bash commands in scripts
• Credential exposure in examples

Out of scope:

• Claude Code CLI vulnerabilities (report to Anthropic)
• General Claude model behavior (report to Anthropic)

We aim to acknowledge reports within 48 hours and provide a fix timeline within 7 days.