github sickn33/agentic-awesome-skills v14.4.0
v14.4.0 "Protected Automation and Production Skills"

7 hours ago

[14.4.0] - 2026-07-14 - "Protected Automation and Production Skills"

Ten reviewed community skills for durable project memory, software-graph analysis, Cloudflare and codebase guardrails, data warehousing, and presentation production, backed by protected exact-commit maintainer automation.

Added

  • Added feature-tracking for durable feature decisions, implementation state, and project memory across sessions (PR #819).
  • Added ontoly-software-graph for querying and reasoning over Ontoly software knowledge graphs (PR #827).
  • Added cloudflare-security-audit plus the clean-code, documentation, testing, WooCommerce, and WordPress guard skills (PR #822).
  • Added warehouse for production-oriented data warehouse architecture and implementation workflows (PR #818).
  • Added pptx-deck-creation for structured PowerPoint research, authoring, rendering, and visual QA (PR #830).

Changed

  • Protected canonical repository writers with exact pull-request and commit binding, trusted regression gates, fail-closed approval handling, and a single guarded canonical-sync path.
  • Restored the explicit fork-approval flow while preventing workflow runs from being reused across unrelated pull requests or head commits.
  • Improved curated plugin bundle composition, tracked ignored Claude mirror files correctly, and combined npm package-rename traffic without double counting.
  • Made hosted catalog SEO identities reproducible across canonical URLs, social metadata, sitemaps, and prerendered output.

Fixed

  • Closed the two open Security and Quality findings by declaring least-privilege workflow permissions and making the SEO package-identity regression test exact.
  • Made skill review fail closed when same-repository credentials are missing, while preserving the explicit manual-review path for forks.
  • Hardened Lore mirror targets against traversal and symlink escapes, Telegram approvals against unauthorized group senders and token leakage through process arguments, and Auto Research against implicit external-query disclosure.
  • Restored legacy Git ref-format detection, updated the redirect bridge to the current 49-route sitemap, and made Go In Depth reject non-string query inputs cleanly.
  • Regenerated ephemeral plugin mirrors and the skill index before source-only PR tests so contributions can satisfy distribution and Workbench contracts without committing generated artifacts.

Validation

  • Added regression coverage for workflow fail-closed behavior, mirror containment guidance, Telegram authorization and token transport, legacy Git, production redirect counts, and non-string research queries.
  • Passed the canonical 1,958-skill validation and reference checks, full root test suite, documentation security gate, web-app coverage and production build, npm high-severity audit, package dry run, CodeQL, and protected exact-head PR checks.

Credits

Don't miss a new agentic-awesome-skills release

NewReleases is sending notifications on new releases.