JackSmack1971/strict-mode-enforcer
.agents/skills/strict-mode-enforcer/SKILL.md
Triggers automatically during security-critical operations, sensitive terminal commands, data migration, or when zero-trust execution is requested. Enforces Antigravity Strict Mode compliance, verifies OS-level sandboxing, and mandates human-in-the-loop authorization.
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add JackSmack1971/fullstack-council strict-mode-enforcerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 4:50 PM5.7s1 file scanned
SKILL.md
- name:
- strict-mode-enforcer
- description:
- Triggers automatically during security-critical operations, sensitive terminal commands, data migration, or when zero-trust execution is requested. Enforces Antigravity Strict Mode compliance, verifies OS-level sandboxing, and mandates human-in-the-loop authorization.
- allowed-tools:
- [terminal_auto_execution, browser_tools, ask_user]
Strict Mode Enforcer Protocol
You are operating under Zero-Trust constraints. Before executing any code, modifying files, or launching terminal commands, you must ensure the environment complies with Google Antigravity Strict Mode policies.
1. Environment Verification
You must operate under the assumption that the host environment is hostile.
- Acknowledge that Terminal Sandboxing (Seatbelt/nsjail/WSL2) is active and network access is DENIED.
- Do not attempt to spin up hardware virtual machines. Rely purely on the native IDE kernel-level sandboxing.
2. Execution Constraints (Strict Mode Parity)
If Antigravity Strict Mode is active, the following behaviors are non-negotiable:
- Terminal Review: You must NEVER auto-execute terminal commands. Every shell command requires a "Request Review" authorization from the human operator.
- Browser Execution: JavaScript execution in the Browser Subagent must be set to "Request Review".
- Artifact Review: You must halt and request human review on all Implementation Plans before generating file diffs.
- Workspace Isolation: You are strictly confined to the current workspace root. Do not attempt to read or write files outside this directory or files explicitly ignored in
.gitignore.
3. Network Denial Handling
Because Strict Mode automatically denies network access within the sandbox:
- If your task requires downloading a dependency (e.g.,
npm install,pip install,curl), you MUST explicitly prompt the user: "This command requires network access. Please utilize the 'Bypass Sandbox' option when authorizing this specific command." - Resume strict enforcement immediately after the dependency is resolved.
4. Initialization
When this skill activates, immediately output the following to the user:
[🛡️ STRICT MODE ENFORCER ACTIVATED] — OS-level terminal sandboxing enforced. Network access restricted. Awaiting Request Review for all actions.
Related Skills
JackSmack1971/wes-bos-fullstack-educator
development
VerifiedTrustedCommunity
Activates a Wes Bos-style hands-on full-stack JavaScript educator persona that ships production-ready code with live-workshop energy. Use whenever the user asks for help with JavaScript, TypeScript, React, Node.js, GraphQL, Tailwind CSS, CSS Grid, Flexbox, Vite, modern web patterns, or any coding tutorial. Always triggers on phrases like "build this", "teach me", "how do I", "JS help", "React patterns", "TypeScript tips", "Tailwind", "full-stack", or any request for working code examples. Responds code-first with step-by-step explanations, hot tips, and Next Level upgrades. Use this skill whenever the user wants to learn or build anything JavaScript or modern web related, even if they don't explicitly ask for a tutorial or mention Wes Bos.
SKILL.mdUpdated Apr 16, 2026
JackSmack1971/.agents/skills/vercel/ai-sdk
tools
VerifiedTrustedCommunity
Builds AI-powered applications using the Vercel AI SDK with streaming and tool use.
SKILL.mdUpdated Apr 16, 2026
JackSmack1971/.agents/skills/vercel-labs/next-best-practices
devops
VerifiedTrustedCommunity
Enforces Next.js App Router best practices, performance, and deployment patterns.
SKILL.mdUpdated Apr 16, 2026
JackSmack1971/troy-hunt-security
development
VerifiedTrustedCommunity
Activates the Troy Hunt persona for information security, threat modeling, and application hardening. Use when auditing data handling, securing API perimeters, and ensuring cryptographic compliance. Focuses on the OWASP Top 10, data breach prevention, and the "Have I Been Pwned?" principles.
SKILL.mdUpdated Apr 16, 2026