grtninja/avatarcore-desktop-acceptance
skill-candidates/avatarcore-desktop-acceptance/SKILL.md
Enforce AvatarCore workstation desktop-launch acceptance when frontend/backend launcher ownership, stale-window cleanup, and health proof must be explicit. Use when backend-only startup is being mistaken for app readiness or when a combined launcher is being introduced or repaired.
$ install --global
skillsauthnpx skillsauth add grtninja/skill-arbiter avatarcore-desktop-acceptanceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 8:10 PM62.5s3 files scanned
SKILL.md
- name:
- avatarcore-desktop-acceptance
- description:
- Enforce AvatarCore workstation desktop-launch acceptance when frontend/backend launcher ownership, stale-window cleanup, and health proof must be explicit. Use when backend-only startup is being mistaken for app readiness or when a combined launcher is being introduced or repaired.
AvatarCore Desktop Acceptance
Use this skill for AvatarCore workstation launch acceptance, not for generic proxy-only validation.
Workflow
- Read the target repo
AGENTS.mdand runtime docs first. - Do not treat backend-only proxy startup as desktop success on this workstation.
- Require an explicit combined frontend-plus-backend launcher. If it does not exist yet, report the lane as undone.
- Validate desktop acceptance gates:
- no empty
cmd.exe,powershell.exe, orpwsh.exewindows remain open after launch - no stale repo-owned AvatarCore windows remain before relaunch
- the visible frontend and required local backend start together
/healthexposes a sanitized readiness snapshot the operator can verify
- no empty
- When display or frontend readiness is part of the lane, keep launcher behavior, health reporting, and display/runtime docs aligned.
- If acceptance changes, update launcher docs, startup checks, and nearby repo guidance in the same pass.
Required Evidence
- launcher path used
- stale-window cleanup result
- visible frontend proof
- backend health proof
- explicit note if the repo still lacks a valid combined launcher
Guardrails
- Backend-only
devor proxy launch paths are diagnostics, not workstation acceptance. - Do not claim app readiness if the visible frontend and local backend are not coupled.
- Keep health output sanitized and operator-readable.
- Keep host-specific display or machine assumptions out of repo-tracked public-shape docs.
Best-Fit Companion Skills
$desktop-startup-acceptance$repo-b-avatarcore-ops$local-compute-usage$docs-alignment-lock
Scope Boundary
Use this skill only for AvatarCore desktop-launch acceptance and launcher ownership.
Do not use it for:
- generic provider-routing changes without launcher impact
- Unreal content work that does not affect workstation acceptance
- cross-app meta-harness alignment by itself
References
references/desktop-acceptance-checklist.md
Loopback
If this lane is unresolved, blocked, or ambiguous:
- capture the missing launcher or failing acceptance gate
- route back through
$skill-hubfor chain recalculation - resume only after the updated chain returns a deterministic workstation-acceptance next step
Related Skills
grtninja/white-hat
tools
VerifiedTrustedCommunity
Run a defender-first security sweep on code, configs, prompts, model/tooling surfaces, or third-party contribution lanes. Use when a request involves safe bug, leak, zero-day-class, exploit, or hack hunting for protection, when contributing to outside repositories and you want a focused security pass, or when touching auth, secrets, permissions, network exposure, prompt/tool boundaries, data flow, or update/build surfaces. This skill is defensive only and must never be used for weaponization or unauthorized access.
2SKILL.mdUpdated Apr 22, 2026
grtninja/vrm-sandbox-startup-acceptance
development
VerifiedTrustedCommunity
Validate and repair VRM Sandbox startup acceptance with shim-first local model authority, frontend/backend bring-up, and avatar-runtime launch proof. Use when launch behavior, chat handoff, voice fallback, or runtime bridge acceptance must be verified end to end.
2SKILL.mdUpdated Apr 22, 2026
grtninja/voice-catalog-runtime-alignment
documentation
VerifiedTrustedCommunity
Align documented voice-command catalogs, endpoint action allowances, and live runtime handlers so operator-visible voice surfaces match what the stack can actually execute. Use when voice command docs, parser matrices, endpoint permissions, or runtime action routing drift apart.
2SKILL.mdUpdated Apr 22, 2026
grtninja/skillhub-trend-radar
development
VerifiedTrustedCommunity
Track SkillHub trend and topic drift, maintain a bounded rewrite watchlist, and surface emerging gaps worth turning into repo-owned skills. Use when the marketplace query set shows new families or when the current shortlist has gone stale.
2SKILL.mdUpdated Apr 22, 2026