specstory-guard

Install a pre-commit hook that scans .specstory/history for secrets before commits. Run when user says "set up secret scanning", "install specstory guard", "protect my history", or "check for secrets".

Install with Tessl CLI

npx tessl i github:specstoryai/agent-skills --skill specstory-guard

What are skills?

Review — 88%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Validation — 10 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

100%

Set Up Commit Protection for AI Session History

Guard installation workflow

Criteria

Without context

With context

Uses guard.py install

100%

No manual hook writing

100%

Install command recorded

100%

Hook location confirmed

100%

Skills directory placement

100%

Scanned directory explained

100%

Auto-trigger on commit

100%

Hook contains guard marker

100%

No external dependencies

100%

Guard purpose explained

100%

Without context: $0.5134 · 2m 2s · 21 turns · 90 in / 7,698 out tokens

With context: $1.0145 · 3m 20s · 37 turns · 70 in / 11,947 out tokens

96%

Pre-Push Security Audit of AI Session History

Scan findings presentation

Criteria

Without context

With context

Uses guard.py scan

100%

Scans .specstory/history/

100%

File names in report

100%

Line numbers in report

100%

Rule names in report

100%

Redacted snippets only

100%

Offer to redact

66%

Finding count reported

100%

Multiple files covered

100%

Secret types identified

100%

Without context: $0.5655 · 2m 30s · 24 turns · 20 in / 9,156 out tokens

With context: $0.5226 · 2m 10s · 22 turns · 111 in / 8,548 out tokens

70%

Clean Up SpecStory History Before Open-Sourcing the Repository

Allowlist false positives and remediate real secrets

Criteria

Without context

With context

Uses SPECSTORY_GUARD_ALLOWLIST

13%

Regex patterns in allowlist

50%

100%

Comma-separated allowlist format

Replaces secrets with [REDACTED]

75%

100%

Actual file modified

100%

Re-scans after remediation

100%

83%

Clean scan confirmed

100%

Distinguishes false positives

100%

Uses guard.py for all scans

37%

25%

Commands documented

66%

Without context: $0.8519 · 3m 20s · 32 turns · 27 in / 13,561 out tokens

With context: $0.8706 · 3m 22s · 30 turns · 1,110 in / 11,951 out tokens

Evaluated: about 19 hours ago
Agent: Claude Code

Table of Contents

Set Up Commit Protection for AI Session History Pre-Push Security Audit of AI Session History Clean Up SpecStory History Before Open-Sourcing the Repository

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.