backbay-labs/clawdstrike-desktop-dogfood-loop
.agents/skills/clawdstrike-desktop-dogfood-loop/SKILL.md
Use when the Huntronomer desktop app needs live dogfooding, reproduction, or smoke validation across the shell, launch overlay, Hunt Deck, Playwright browser flow, Tauri bridge, or OpenClaw and receipt states.
$ install --global
skillsauthnpx skillsauth add backbay-labs/clawdstrike clawdstrike-desktop-dogfood-loopInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 7:06 PM4.3s1 file scanned
SKILL.md
- name:
- clawdstrike-desktop-dogfood-loop
- description:
- Use when the Huntronomer desktop app needs live dogfooding, reproduction, or smoke validation across the shell, launch overlay, Hunt Deck, Playwright browser flow, Tauri bridge, or OpenClaw and receipt states.
ClawdStrike Desktop Dogfood Loop
Use this skill when the job is to prove what the Huntronomer desktop surface actually does, not what the React tree or Tauri code seems like it should do.
Outcomes
Drive toward:
- exact reproduction steps for Huntronomer shell behavior
- artifact-backed smoke validation from a live browser session
- clear separation between browser-shell issues, Tauri bridge issues, and runtime-data issues
- the smallest follow-up fix or verification plan
Workflow
- Launch the real surface first.
- Prefer
scripts/huntronomer-playwright-smoke.shfor fast shell and launch-overlay checks. - When the issue involves native commands, pair the smoke flow with
cd apps/desktop && bun run tauri:dev. - Classify the problem before editing: shell IA, routing, visual polish, OpenClaw runtime, daemon connectivity, Tauri bridge, proof and replay UI, or release packaging.
- Capture artifacts under
output/playwright/and keep the failure mode concrete. - After a fix, rerun the smallest live pass that proves the issue is gone.
Current Fast Path
Run:
scripts/huntronomer-playwright-smoke.sh
This smoke path:
- opens a fresh browser session against the Huntronomer shell
- captures the launch overlay
- dismisses into the current Hunt Deck
- saves screenshots, snapshots, console output, network output, and
summary.json
Read apps/desktop/docs/huntronomer-dogfooding.md for environment knobs and current limitations.
Required Verification
Use the relevant subset of:
scripts/huntronomer-playwright-smoke.shcd apps/desktop && bun run typecheckcd apps/desktop && bun run test -- --runcd apps/desktop && bun run buildcargo check --manifest-path apps/desktop/src-tauri/Cargo.toml
Guardrails
- Do not treat browser smoke as proof that the native macOS Tauri shell is correct.
- Do not fail the smoke run on expected offline OpenClaw or daemon console errors unless the environment is meant to be fully connected.
- Use a fresh browser session for smoke checks so local storage does not hide first-run behavior.
- Keep screenshots and snapshot artifacts for regressions that are hard to explain in prose.
Related Skills
backbay-labs/hello-secure
testing
VerifiedTrustedCommunity
A simple skill demonstrating clawdstrike security
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/examples/openclaw-plugin/skills/hello
tools
VerifiedTrustedCommunity
# Hello Skill A simple greeting skill that demonstrates secure agent operation. ## Description This skill allows the agent to greet users and perform basic file operations within the allowed workspace. ## Capabilities - Generate personalized greetings - Read files from the workspace - Write greeting logs to the output directory ## Usage Ask the agent: - "Say hello to Alice" - "Read the welcome message from data/welcome.txt" - "Log a greeting for Bob" ## Examples ### Basic Greeting **Us
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/examples/bb-edr/skills/edr-triage
testing
VerifiedTrustedCommunity
# bb-edr: Triage Skill Use this skill to turn clawdstrike audit logs into an incident report and a minimal response plan. ## Inputs - `.hush/audit.jsonl` (JSONL) — clawdstrike audit events (allowed/denied, guard, reason). - `policy.yaml` — the active security policy. ## Task 1. Read and summarize the last ~50 audit events. 2. Focus on **denied** events first: - Group by `guard` (e.g., `forbidden_path`, `egress`, `patch_integrity`) - Identify likely intent (misconfiguration vs. suspici
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/cursor-plugin/skills/threat-hunt
tools
VerifiedTrustedCommunity
Threat hunting and security event investigation
273SKILL.mdUpdated Apr 3, 2026