* Add roundup plugin: self-configuring status briefing generator
Adds a new plugin with two skills:
- roundup-setup: Interactive onboarding that learns the user's communication
style from examples, discovers available data sources, and builds audience
profiles. Writes a persistent config to ~/.config/roundup/config.md.
- roundup: Generates draft status briefings on demand by pulling from
configured sources (GitHub, M365, Slack, Google Workspace, etc.) and
synthesizing in the user's learned style for any defined audience.
Platform-agnostic by design -- adapts to whatever MCP tools are available
in the user's environment rather than assuming specific integrations.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review comments
- Fix 'use roundup' help text to clarify multi-audience behavior instead
of referencing a nonexistent 'default audience'
- Split bundled 'who do you report to + who is on your team' into two
separate ask_user questions per the one-question-at-a-time rule
- Specify ~/Desktop as explicit save path with fallback prompt when
directory doesn't exist
- Tables in README verified as correct markdown (single | delimiters)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Improve example-pasting UX in setup flow
- Make 'paste the whole thing right here' explicit so users aren't
unsure about what/how much to paste
- Confirm receipt more clearly ('grabbed all of that')
- Reframe second example prompt to explain why a second helps
- Cap follow-up asks at two so it doesn't feel nagging
- Note that messy formatting is fine
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Reinforce that more examples = better output
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add Dotnet Self Learning Architect agent with comprehensive guidelines and strategies
* feat: update Dotnet Self-Learning Architect agent with enhanced model and toolset, and update .NET version in core expertise
* updating agent name to .NET Self-Learning Architect
* updating after npm build
* feat: add learning governance rules for lesson and memory management
Add an agent that handles the full lifecycle of upgrading GitHub Actions
JavaScript/TypeScript actions to newer Node.js runtime versions,
including action.yml changes, major version bumps, CI workflow updates,
documentation updates, and build validation.
* feat(orchestrator): add Discuss Phase and PRD creation workflow
- Introduce Discuss Phase for medium/complex objectives, generating context‑aware options and logging architectural decisions
- Add PRD creation step after discussion, storing the PRD in docs/prd.yaml
- Refactor Phase 1 to pass task clarifications to researchers
- Update Phase 2 planning to include multi‑plan selection for complex tasks and verification with gem‑reviewer
- Enhance Phase 3 execution loop with wave integration checks and conflict filtering
* feat(gem-team): bump version to 1.3.3 and refine description with Discuss Phase and PRD compliance verification
* feat: add .NET timezone handling guidance and reference materials
* feat: update Finland, Lithuania, Estonia timezone reference in index
* feat: remove Finland, Lithuania, Estonia timezone reference from index
* <think>The user wants me to generate a conventional format commit message based on the git diff output provided.
Let me analyze the changes:
1. **`.github/plugin/marketplace.json`**:
- Updated the "gem-team" plugin description to include "complexity-aware research, multi-plan selection for critical tasks"
- Updated version from "1.2.1" to "1.3.0"
2. **`agents/gem-browser-tester.agent.md`**:
- Added `<tools>` section with new tools: get_errors, mcp_io_github_chr_performance_start_trace, mcp_io_github_chr_performance_analyze_insight
- Modified the `<expertise>` section (moved closing tag)
- Updated `<input_format_guide>` to use proper JSON code block format
- Updated `<output_format_guide>` to add "needs_revision" status option and restructured JSON formatting
- Updated `<constraints>` section - significantly changed the guidelines
This appears to be an update to:
- Plugin marketplace version bump
- Browser tester agent improvements (new tools, updated workflow constraints, better formatting)
Let me generate a conventional commit message:
- Type: Could be "feat" for new features or "chore" for maintenance
- Scope: could be "marketplace" and "browser-tester"
- Message should describe the changes succinctly
Looking at the changes more carefully:
- Plugin version bump from 1.2.1 to 1.3.0 - this is a feature update
- New tools added to browser tester agent
- Updated constraints/workflow for browser tester
I'll create a commit message that captures the essence:
</think>
feat: update gem-team to v1.3.0 and enhance browser-tester agent
- Bump gem-team plugin version from 1.2.1 to 1.3.0 with updated description
- Add performance tracing and insight tools to browser-tester agent
- Refactor input/output format guides with proper JSON code blocks
- Update agent constraints with improved tool usage and batching guidelines
* fix: correct typo "suiteable" to "suitable" in agent documentation
- Introduced MockMvcTester for AssertJ-style assertions in Spring MVC testing.
- Added @RestClientTest for testing REST clients with MockRestServiceServer.
- Implemented RestTestClient as a modern alternative to TestRestTemplate.
- Documented migration steps from Spring Boot 3.x to 4.0, including dependency and annotation changes.
- Created an overview of test slices to guide testing strategies.
- Included Testcontainers setup for JDBC testing with PostgreSQL and MySQL.
- Enhanced @WebMvcTest documentation with examples for various HTTP methods and validation.
* Added one-shot feature planning agent
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Updated README.agents.md
* Remove pigd0g from contributors section
Removed pigd0g from the contributors list in README.md.
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Tool Guardian Hook
Add Tool Guardian hook for blocking dangerous tool operations
Introduces a preToolUse hook that scans Copilot agent tool invocations
against ~20 threat patterns (destructive file ops, force pushes, DB drops,
permission abuse, network exfiltration) and blocks or warns before execution.
* Address review feedback: move hook to .github/, remove accidental log file
- Move hooks/tool-guardian/ to .github/hooks/tool-guardian/
- Remove accidentally committed guard.log
- Update all path references in README.md
* Move log directory to .github/, revert hook files back to
hooks/
- Revert hook files from .github/hooks/ back to hooks/tool-guardian/
- Update default log path to .github/logs/copilot/tool-guardian/
- Update all path references in README.md and hooks.json
* Add publish-to-pages agent skill
Agent skill that publishes presentations and web content to GitHub Pages.
Works with any AI coding agent (Copilot CLI, Claude Code, Gemini CLI, etc.)
Features:
- Converts PPTX and PDF with full formatting preservation
- Creates repo, enables Pages, returns live URL
- Zero config — just needs gh CLI
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* docs: update README.skills.md
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Source dataverse plugin from microsoft/Dataverse-skills
The Dataverse plugin was previously bundled locally with a single
mcp-configure skill. It is now sourced externally from
microsoft/Dataverse-skills, which provides the full skill set:
init, setup, metadata, python-sdk, solution, mcp-configure, and overview.
- marketplace.json: update dataverse entry to external source format
- external.json: add Dataverse entry alongside Azure
- plugins/dataverse/: remove local plugin directory (now external)
- skills/mcp-configure/: remove top-level copy (now in external plugin)
- docs/README.plugins.md: update dataverse row with external link
- docs/README.skills.md: note mcp-configure moved to external plugin
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Make dataverse plugin docs generic to avoid stale counts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Remove mcp-configure from skills index — now in external plugin
External plugins don't list their skills in README.skills.md
(consistent with azure-skills).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Revert manual edits to generated files
marketplace.json, README.plugins.md, and README.skills.md are
auto-generated. External plugins are discovered via external.json
and merged into marketplace.json by generate-marketplace.mjs.
Matches the Azure external plugin pattern — no manual doc entries.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Regenerate marketplace.json and docs after external plugin change
Run npm run build to pick up the new external dataverse entry and
remove the old local one from generated files.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* New hook: secrets-scanner
Add a secrets-scanner hook that scans files modified during a Copilot
coding agent session for leaked secrets, credentials, and sensitive data.
The hook runs on sessionEnd and inspects files in one of three scopes:
- diff: only files changed in the current session (default)
- staged: only files currently staged in the git index
- all: every tracked file in the repository
Detected pattern categories:
- AWS access keys and secret keys
- GCP service account credentials
- Azure client secrets and storage connection strings
- GitHub personal access tokens
- Slack tokens (bot, user, webhook)
- Private key headers (RSA, EC, DSA, OpenSSH, PEM)
- Generic high-entropy bearer tokens
- Internal IP:port strings
Configurable via environment variables (SCAN_MODE, SCAN_SCOPE,
SECRETS_ALLOWLIST) so teams can tune for their workflow without
editing the script. Patterns are POSIX ERE (grep -E) compatible,
with no PCRE metacharacters, for portability across macOS and Linux.
Files: hooks.json, scan-secrets.sh, README.md
* refactor: move PATTERNS array to top of scan-secrets.sh for discoverability
Move the PATTERNS declaration to the top of the file so it is clearly
visible and easy to customize, as suggested in code review. Added a
descriptive header comment. No functional changes.
---------
Co-authored-by: Shehab Sherif <shehabsherif0@users.noreply.github.com>
* Removing a codex-specific agent (model deprecated) and removing model from blueprint mode
* Combining skills into a single skill with an internal decision tree
* Converting agents to skill with decision tree
Closes#998
* Converting agents to skill with decision tree"
Fixes#999
Add a reusable Agent Skill that installs npm packages in Docker sandbox
environments where virtiofs-mounted workspaces cause native binary crashes
(esbuild, lightningcss, rollup). The script installs on local ext4 and
symlinks node_modules back into the workspace.
- SKILL.md with spec-compliant frontmatter and documentation
- scripts/install.sh with security hardening (no eval, readonly paths)
- Updated docs/README.skills.md with new skill entry
Co-authored-by: GeekTrainer <GeekTrainer@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Cleaned up some tool names
* Removing some instructionsThese instructions are no longer useful as the knowledge the add is already well handled by frontier models, so the instructions potentially provide conflicting or incorrect information to the agent while it undertakes a task
* Improved the skill to be more explicit on how to use playwright
* Removing a skill that is of low value
The information captured in this skill is mostly just what is found in the links that are at the top of the references, and thus the model will already have that knowledge available to it, meaning that the skill will potentially provide conflicting guidance to the agent as it works
* Updating readmes
* chore: update ScoutQA skill with issue verification and localhost testing support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address PR feedback - single-line description and remove create-execution from header
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add doublecheck plugin: three-layer verification pipeline for AI output
Adds a new plugin that helps users verify AI-generated content before
acting on it. Designed for sensitive contexts (legal, medical, financial,
compliance) where hallucinations carry real consequences.
Three verification layers:
- Self-Audit: extracts verifiable claims, checks internal consistency
- Source Verification: web searches per claim, produces URLs for human review
- Adversarial Review: assumes errors exist, checks hallucination patterns
Supports persistent mode (auto-verifies every factual response inline)
and one-shot mode (full report on specific text). Confidence ratings:
VERIFIED, PLAUSIBLE, UNVERIFIED, DISPUTED, FABRICATION RISK.
Includes:
- Skill (skills/doublecheck/) with bundled report template
- Agent (agents/doublecheck.agent.md) for interactive verification
- Plugin package (plugins/doublecheck/) bundling both
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address review: fix tools YAML format, remove materialized artifacts
- Fix tools frontmatter in agents/doublecheck.agent.md to use standard
YAML list format instead of flow sequence with trailing comma
- Remove plugins/doublecheck/agents/ and plugins/doublecheck/skills/
from tracking; these paths are in .gitignore as CI-materialized
artifacts that should not be committed
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add dependency/blocking trigger phrases to skill description so the
skill activates on requests like 'link issues', 'add dependency',
'blocked by', and 'blocking'
- Fix incorrect GraphQL return field in dependencies.md: blockedByIssue
does not exist on AddBlockedByPayload; the correct field is
blockingIssue
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add napkin plugin: visual whiteboard collaboration for Copilot CLI
Napkin opens an interactive HTML whiteboard in the user's browser where
they can draw, sketch, and add sticky notes. When ready, they click
'Share with Copilot' which exports a PNG snapshot. The Copilot CLI agent
reads the PNG via the view tool, and the multimodal AI model interprets
the drawings, spatial layout, and text content — responding
conversationally as a collaborator.
Built for non-technical users: lawyers, PMs, business stakeholders,
designers, and anyone who thinks better visually.
Includes:
- Self-contained HTML whiteboard (zero external dependencies)
- Shape recognition (wobbly shapes snap to clean versions)
- Freehand drawing, sticky notes, arrows, text labels
- Auto-save to localStorage
- SKILL.md with agent instructions
- SVG visual guides for step-by-step README documentation
- Plugin manifest for Copilot CLI installation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix review feedback: roundRect compat, cross-platform shortcuts, eraser undo
- Add safeRoundRect() fallback for browsers without CanvasRenderingContext2D.roundRect()
- Update undo/redo button titles to show Ctrl/Cmd instead of Mac-only Cmd
- Fix eraser undo by capturing state before first erase mutation per gesture
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update skills/napkin/templates/napkin.html
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update plugins/napkin/README.md
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update skills/napkin/templates/napkin.html
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update skills/napkin/templates/napkin.html
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update skills/napkin/templates/napkin.html
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Add missing Line (L) and Eraser (E) keyboard shortcuts to README
The in-app shortcuts panel and keyMap handler both support L for Line
and E for Eraser, but the README keyboard shortcuts table was missing
both entries. Adds them to match the actual implementation.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Combine docs/ and templates/ into assets/ per agentskills.io spec
Moves skills/napkin/docs/*.svg and skills/napkin/templates/napkin.html
into skills/napkin/assets/ to align with the Agent Skills specification.
Updates all path references in SKILL.md, README.md, and generated docs.
Addresses review feedback from PR #929.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Dan Velton <dvelton@Dans-MacBook-Pro.local>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* feat: add cli-mastery skill — interactive Copilot CLI training
Adds cli-mastery, an interactive training system for the GitHub Copilot CLI.
8 modules covering slash commands, keyboard shortcuts, modes, agents, skills,
MCP, configuration, and advanced techniques. Includes scenario challenges,
a final exam, XP/leveling system, and SQL-based progress tracking.
Source: https://github.com/DUBSOpenHub/copilot-cli-mastery (MIT)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: address review feedback on frontmatter and consistency
- Switch description from folded block scalar (>) to single-quoted string
per AGENTS.md documented format
- Fix Module 7 heading: backtick-wrap @ separately from 'file mentions'
to avoid implying '@ file mentions' is a literal command
- Fix Final Exam Q6: change '@ + filename' to '@filename' with example
to match the @src/auth.ts syntax taught in modules
- Fix Final Exam Q7: add GEMINI.md to match Module 7 precedence list
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: rename curriculum/ to references/ per agentskills.io spec
Addresses review feedback from @aaronpowell on PR #915.
The Agent Skills specification defines references/ as the standard
directory for supplementary documentation that agents read on demand.
- Renamed skills/cli-mastery/curriculum/ → references/
- Updated all path references in SKILL.md
- Updated asset paths in docs/README.skills.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: DUBSOpenHub <DUBSOpenHub@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add automate-this plugin: screen recording to automation scripts
New plugin that analyzes screen recordings of manual processes and
proposes working automation scripts at multiple complexity tiers.
Features:
- Frame extraction via ffmpeg for visual process reconstruction
- Optional audio transcription via Whisper for narrated recordings
- Environment fingerprinting to constrain proposals to installed tools
- Application-specific automation strategies (browser, spreadsheet,
email, terminal, file management, macOS-native)
- Three-tier proposal system (quick win, full script, scheduled automation)
- Dry-run support for safe testing of all proposals
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update skills/automate-this/SKILL.md
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Address code review feedback on automate-this plugin
- Fix privacy section: clarify that frames/audio are processed locally
but sent to the Copilot model for analysis (not purely local)
- Replace 'which' with 'command -v' for reliable tool detection with
explicit NO_FFMPEG/NO_WHISPER sentinels
- Use per-run secure temp directory (mktemp -d, mode 0700) instead of
fixed /tmp/ paths to prevent other users reading extracted frames
- Add -y flag and -loglevel warning to ffmpeg calls to prevent
overwrite prompts and avoid piping hiding exit codes
- Add whisper-cpp CLI invocation path so users who install only
whisper-cpp get working transcription
- Fix grouped command syntax in environment fingerprint to prevent
false 'not installed' fallthrough
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
