Patch release tightening tool permissions and frontmatter across skills and review agents. No behavior changes — all edits are config hygiene plus two prose improvements cherry-picked from PR #6.
Changed
reviewing-codeskill: replaced unscopedBashwith scoped permissions (Bash(git *),Bash(gh pr *),Bash(gh api *),Bash(rg *),Bash(wc *)); addedRead/Grep/Glob/LS/LSPfor fallback inspection of user-provided file paths.- 24 review sub-agents (
go-*,py-*,ts-*,web-*×qa/impl/tests/idioms/docs/simplify): scoped unscopedBashto per-language read-only tooling. Top-level engineers (go-engineer,python-engineer,typescript-engineer,web-engineer) untouched — they do implementation work, not just review. writing-pythonskill: expanded "Verify Generated Code" with explicit retry loop (ruff --fix→ format →pyright→ repeat until green).testing-e2eskill: expanded Phase 3 with pass criteria, retry steps, and full-suite regression run.- 8 skills:
TodoWrite→TaskCreate/TaskUpdate/TaskListin frontmatter and prose. Per CC spec,TodoWriteis non-interactive/SDK only; interactive sessions useTask*. linting-instructionsskill: modelopus→sonnet(rule-based regex linting doesn't need Opus reasoning).looking-up-docsskill: removed deadWebSearchandmcp__perplexity-ask__perplexity_ask(description explicitly excludes general web search).
Fixed
mem-historyskill: addedcontext: fork—get_observationsreturns 500–2k tokens per result and was leaking into the main context.
Notes
- All 9 plugins bumped to 1.7.1 to align with marketplace tag.
- PR #6 (yogesh-tessl) closed without merge: the "frontmatter validation fix" was based on a third-party Tessl validator, not the Claude Code spec — which explicitly accepts both YAML lists and space-separated strings for
allowed-tools. Useful prose changes (verify loops) cherry-picked manually.