prepare_skill

This skill guides you through preparing a codebase for open-source release, auditing, documentation, hardening, and final review.
  • JavaScript

30

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill 2389-research/claude-plugins --skill prepare

  • SKILL.md7.8 KB

Overview

This skill guides a codebase through a full, disciplined preparation process for its first public or open-source release. It walks a maintainer through discovery, secrets and privacy checks, licensing, documentation, hardening, metadata, and a final review. Each phase reports findings, proposes changes, asks for approval, and implements only after consent.

How this skill works

The skill runs nine sequential phases, each following a simple loop: mark phase in_progress, scan current state, present findings, propose concrete changes, ask the user to skip/approve/modify, implement approved changes, commit with a descriptive message, and mark the phase complete. It detects ecosystem from common files (package.json, pyproject.toml, Cargo.toml, go.mod, etc.) and tailors checks and recommendations accordingly. The tool focuses strictly on public-readiness tasks and avoids code-style or architectural refactors unless explicitly requested.

When to use it

  • Preparing a private repository for its first public/open-source release.
  • Auditing a project for leakage of secrets or personal information before publishing.
  • Standardizing repository metadata and docs for package registry submission.
  • Adding minimal CI, dependency management, and contributor guidance before opening contributions.
  • Cleaning .gitignore, tracked sensitive files, and licensing mismatches prior to release.

Best practices

  • Work one phase at a time and approve proposed changes before implementation.
  • Treat secrets and personal info separately: rotate credentials and scrub history when needed.
  • Ask the user to choose licenses, CI providers, and hardening level; never impose defaults.
  • Check for license consistency between LICENSE file and package metadata.
  • Keep hardening minimal unless the user requests more (avoid over-engineering).

Example use cases

  • Node.js library: detect package.json, add LICENSE, refine .gitignore, and propose GitHub Actions CI.
  • Python CLI tool: scan for .env, ensure README includes usage, and propose SECURITY.md for disclosures.
  • Rust crate: verify Cargo.toml metadata, suggest keywords and repository fields for crates.io.
  • Repo with tracked secrets: surface files, recommend git history rewrite tools, and propose rotation steps.
  • Project with no CONTRIBUTING.md: propose a simple PR workflow and testing expectations for contributors.

FAQ

No. The skill intentionally avoids code-style, error handling, or architectural changes unless you explicitly ask.

What if secrets are found in git history?

You will be warned. The skill recommends revoking/rotating credentials and using git filter-repo or BFG to rewrite history, and it will propose steps but will only run history rewrite with your explicit approval.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational