Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

okwinds/policy_compliance_patcher

Name: policy_compliance_patcher
Author: okwinds

docs_for_coding_agent/examples/workflows/20_policy_compliance_patch/skills/policy_compliance_patcher/SKILL.md

npx skillsauth add okwinds/skills-runtime-sdk policy_compliance_patcher

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

policy_compliance_patcher（workflow / Policy Compliance Patch）

目标

在离线可回归约束下，把“规则/政策”以可分发形态随 Skill 打包：

policy 放在 references/policy.md
运行期通过 skill_ref_read 读取（默认禁用，需显式开启）
根据 policy 修复 workspace 里的目标文件，并落盘可审计产物

输入约定

任务文本中会包含 mention：$[examples:workflow].policy_compliance_patcher。
workspace 内已存在 target.md，其中包含一个“政策禁止的敏感 token”。

必须使用的工具

skill_ref_read：读取 references/policy.md（不需要 approvals，但默认 fail-closed）
read_file：读取 target.md（只读）
apply_patch：对 target.md 打最小补丁（写操作，通常需要 approvals）
file_write：落盘 patch.diff / result.md / report.md（写操作，通常需要 approvals）

References（可分发政策）

references/policy.md：示例 policy（禁止在产物中保留明文敏感 token）

约束

默认离线：不访问外网，不依赖真实 key。
修复必须最小化：只替换敏感 token，不做无关格式化。

okwinds/policy_compliance_patcher

docs_for_coding_agent/examples/workflows/20_policy_compliance_patch/skills/policy_compliance_patcher/SKILL.md

读取 policy（skill_ref_read）并对 workspace 文件执行合规补丁（apply_patch + 产物落盘）。

34 stars

tools

Updated Apr 26, 2026

$ install --global

skillsauth

npx skillsauth add okwinds/skills-runtime-sdk policy_compliance_patcher

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 26, 2026, 12:00 PM23.5s2 files scanned

SKILL.md

name:: policy_compliance_patcher
description:: 读取 policy（skill_ref_read）并对 workspace 文件执行合规补丁（apply_patch + 产物落盘）。
short-description:: Policy→Patch：skill_ref_read 读取可分发规则，apply_patch 修复并产出证据。

policy_compliance_patcher（workflow / Policy Compliance Patch）

目标

在离线可回归约束下，把“规则/政策”以可分发形态随 Skill 打包：

policy 放在 references/policy.md
运行期通过 skill_ref_read 读取（默认禁用，需显式开启）
根据 policy 修复 workspace 里的目标文件，并落盘可审计产物

输入约定

任务文本中会包含 mention：$[examples:workflow].policy_compliance_patcher。
workspace 内已存在 target.md，其中包含一个“政策禁止的敏感 token”。

必须使用的工具

skill_ref_read：读取 references/policy.md（不需要 approvals，但默认 fail-closed）
read_file：读取 target.md（只读）
apply_patch：对 target.md 打最小补丁（写操作，通常需要 approvals）
file_write：落盘 patch.diff / result.md / report.md（写操作，通常需要 approvals）

References（可分发政策）

references/policy.md：示例 policy（禁止在产物中保留明文敏感 token）

约束

默认离线：不访问外网，不依赖真实 key。
修复必须最小化：只替换敏感 token，不做无关格式化。

Related Skills

okwinds/novel-writer

documentation

VerifiedTrustedCommunity

用结构化流程生成一篇小说：大纲→概要→分章分段→组合→一致性自检。

34SKILL.mdUpdated Apr 26, 2026

okwinds/article-writer

documentation

VerifiedTrustedCommunity

用结构化流程写一篇文章：明确目标→大纲→分段写作→润色→一致性与事实自检。

34SKILL.mdUpdated Apr 26, 2026

okwinds/article-writer

okwinds/rules_reporter

business

VerifiedTrustedCommunity

规则报告（人类应用示例）：汇总输入、规则与产物清单到 report.md。

34SKILL.mdUpdated Apr 26, 2026

okwinds/rules_reporter

okwinds/rules_planner

tools

VerifiedTrustedCommunity

规则解析（人类应用示例）：把自然语言规则转成结构化 plan.json。

34SKILL.mdUpdated Apr 26, 2026

okwinds/rules_planner

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/okwinds/skills-runtime-sdk.git

# Copy into Claude Code skills folder (global)
cp -r skills-runtime-sdk/docs_for_coding_agent/examples/workflows/20_policy_compliance_patch/skills/policy_compliance_patcher ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

okwinds/skills-runtime-sdk

34 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT