Redact for Public Disclosure
Skill Verified ActiveRedact reverse-engineering findings for public disclosure while preserving methodology, generalizable patterns, and teaching value. Covers the private-vs-public repo split, deny-list pattern maintenance, orphan-commit publish pattern that prevents `git log` leaks, category-based redaction calibration (methodology/pattern/version-finding/internal), and the `check-redaction.sh`-style CI gate that blocks merges when a deny-listed pattern appears. Use when publishing findings about a CLI harness you don't own, when preparing upstream proposals to an unrelated project, or when archiving a private research repo for public reference.
To enable researchers to safely publish reverse-engineering findings by systematically redacting sensitive details while preserving valuable insights and methodology.
Features
- Category-based fact classification
- Version-lag policy for findings
- Maintainable deny-list scanner script
- Private/public file-set split via allow-list
- Orphan-commit publishing for Git history isolation
- CI gate to block merges with denied patterns
Use Cases
- Publishing methodology findings about closed-source software
- Preparing upstream proposals or bug reports
- Archiving private research repos for public reference
- Cleaning up research drafts before publication
Non-Goals
- Performing actual reverse-engineering
- Handling or encrypting sensitive data (focus is on removal)
- Automating the creation of public content beyond redaction and sync
Workflow
- Categorize all candidate facts (methodology, generic pattern, version-specific, live internal)
- Set version-lag cool-off policy
- Build and maintain the deny-list scanner
- Maintain the deny-list before drafting content
- Establish private/public file-set split via allow-list
- Publish via orphan commit to the public mirror
- Wire CI gate to run redaction scanner on commits
- Handle false positives by tightening patterns
- Perform periodic redaction sweeps
Practices
- Research Disclosure
- Secure Publishing
- Information Redaction
- CI/CD Automation
Prerequisites
- A private research repo with mixed-sensitivity content
- A target public mirror repo or worktree
- Git installed and configured
- Bash shell environment
- ripgrep (rg) installed (or grep fallback)
Installation
/plugin install agent-almanac@pjt222-agent-almanacQuality Score
VerifiedTrust Signals
Similar Extensions
Openclaw Testing
100Choose, run, rerun, or debug OpenClaw tests, CI checks, Docker E2E lanes, release validation, and the cheapest safe verification path.
Crabbox
100Use Crabbox for OpenClaw remote validation across Linux, macOS, Windows, and WSL2. Default to Blacksmith Testbox for broad Linux proof; includes direct Blacksmith and owned AWS/Hetzner fallback notes when Crabbox fails.
Codacy Audit
100Codacy Cloud workflow for this repository -- run Codacy's analyzers locally before `git push` (mirrors what Codacy CI runs), and fetch/cluster Codacy issues for any PR via the v3 API. Use when the user mentions Codacy, "codacy analysis", `codacy-analysis-cli`, "codacy issues on PR", "fix codacy CI", "codacy markdownlint findings", or any Codacy gate failing on a netdata-org PR. Ships scripts analyze-local.sh (docker/binary runner for codacy-analysis-cli) and pr-issues.sh (paginated v3 issue fetch + group-by tool/pattern/severity/file). Token-safe -- CODACY_TOKEN never reaches assistant-visible stdout. Read-only by design in the current SOW; write actions (mark FP, mark fixed) are deferred.
Running Tend
100Worktrunk-specific guidance for tend CI workflows. Adds codecov polling, Rust test commands, labels, and review criteria on top of the generic tend-* skills. Use when operating in CI.
Project Session Manager
100Worktree-first dev environment manager for issues, PRs, and features with optional tmux sessions
Sync Profiles
100Use when the user wants to list, create, switch, delete, compare, or inspect config sync profiles.