Total Skills
14
Author Profile: enchanter-ai
Skills published by enchanter-ai with real stars/downloads and source-aware metadata.
Total Stars
14
Total Downloads
0
Skills Performance
Comparison chart based on real stars and downloads signals from source data.
rate-shield-awareness
1
Stars
1
Downloads
0
capability-shield-awareness
1
Stars
1
Downloads
0
shield-awareness
1
Stars
1
Downloads
0
reach-awareness
1
Stars
1
Downloads
0
check-budget
1
Stars
1
Downloads
0
observe-call
1
Stars
1
Downloads
0
refresh-rate-card
1
Stars
1
Downloads
0
rate-awareness
1
Stars
1
Downloads
0
Published Skills
rate-shield-awareness
OPT-IN BLOCKING token-bucket rate limiter. Pairs with pech-rate-limiter (advisory). When state/rate-policy.json sets enabled:true, this shield blocks (exits 2) any tool call once the active (session, skill) bucket is empty. Reads buckets from rate-limiter's state/buckets.json when present; gracefully degrades when absent. Use when the developer asks why a tool call was rate-blocked, wants to enable or tune the rate policy, or reviews a stderr "rate-shield (BLOCKED)" message. Default disabled. Do not use for advisory-only velocity signals (see rate-limiter) or for cost reporting (see budget-watcher).
Repository SourceNeeds Review
capability-shield-awareness
OPT-IN BLOCKING capability allowlist. Pairs with hydra-capability-fence (advisory). When state/capability-policy.json sets enabled:true, this shield blocks any tool call whose name is not in the active SKILL.md frontmatter allowed-tools list. Use when the developer asks why a tool call was blocked, wants to enable or tune the capability allowlist, or reviews a stderr "capability-shield (BLOCKED)" message. Default disabled — out of the box this shield does nothing. Do not use for observability without enforcement (see capability-fence).
Repository SourceNeeds Review
shield-awareness
OPT-IN BLOCKING egress allowlist. Pairs with hydra-egress-monitor (advisory). When state/egress-policy.json sets enabled:true, this shield blocks any WebFetch / WebSearch / Bash-network call whose destination host is not in the operator-curated allowlist. Use when the developer asks why a network call was blocked, wants to inspect or edit the egress allowlist, or asks about audit.ndjson policy_blocked events. Default disabled — out of the box this shield does nothing. Do not use for observability without enforcement (see egress-monitor).
Repository SourceNeeds Review
reach-awareness
Post-filters vuln-detector findings by call-graph reachability from an entrypoint, so operators triage exploitable vulns first and dead-code or vendored-library hits last. Use when the developer wants to triage a vuln-detector audit.jsonl, runs /hydra:reach, asks "which of these findings are actually reachable?", or references Snyk/CodeQL/Semgrep reachability as a reference baseline. Currently scaffolded; full integration is blocked on lich exporting a persisted call-graph artifact — in graph-absent mode, every finding is preserved with reachable=null. Do not use for raw vuln scanning (see vuln-detector) or for first-pass CWE classification (see audit-trail).
Repository SourceNeeds Review
check-budget
Runs L2 Budget Boundary Detection after each ledger write: increments per-scope counters, compares against ceilings in state/budgets.json, emits pech.budget.threshold.crossed on first crossing of each threshold within each scope-window. Use when: a PostToolUse hook fires and cost-tracker has already written the ledger row. Do not use for forecasting (see forecast-cost) or anomaly detection (see detect-anomaly).
Repository SourceNeeds Review
observe-call
Writes a single ledger row for the most recent tool-use call: reads the API response's usage field (authoritative), looks up the model rate in shared/rate-card.json, applies prompt-cache modifiers (1.25× write, 0.1× read), computes billed cost, and appends to plugins/cost-tracker/state/ledger-YYYY-MM.jsonl. Use when: a PostToolUse hook fires for any tool and attribution metadata is available via ENCHANTED_ATTRIBUTION env. Do not use for forecasting (see /pech-forecast → forecast-cost) or for anomaly detection (see budget-watcher/detect-anomaly).
Repository SourceNeeds Review
refresh-rate-card
Updates shared/rate-card.json with a new per-model rate table. Validates the proposed update against the existing schema, diffs prices against the current card, and produces a commit-ready diff for human review. Use when: CI nightly job detects a pricing change on Anthropic's published rate page, or when the developer runs /refresh-rate-card after verifying a price change. Do not use at runtime during a Claude Code session — this skill runs in CI or at developer invocation, never inside the observation hot path.
Repository SourceNeeds Review
rate-awareness
Token-bucket advisory rate limiter per skill+session. Surfaces runaway tool-call loops in real time before pech/budget-watcher reports them post-hoc. Auto-fires on PreToolUse. Configurable per-skill limits via state/buckets.json. Do not use for cost reporting (see budget-watcher) or for blocking installs (see package-gate).
Repository SourceNeeds Review
lich-review
Runs M1 Cousot Interval Propagation and M2 Falleri Structural Diff on a code scope, flags runtime-failure candidates (div-zero, null deref, OOB, overflow, resource leak), and hands the flagged sites to lich-sandbox for M5 confirmation. Use when: the user runs /lich-review on a hunk / file / PR, or the PostToolUse hook fires on Write/Edit/MultiEdit. Do not use for: security-taint review (Hydra R3 owns that), change classification (Crow V1/V2 owns that), or rubric-style judgment (lich-rubric skill owns that).
Repository SourceNeeds Review
canary-awareness
Seeds per-session canary tokens into WebFetch advisories and scans every subsequent tool input/output for the canary's appearance. Use when the developer wants prompt-injection detection telemetry, or asks "is my session compromised?". Auto-fires on PreToolUse(WebFetch) and PostToolUse(*). Do not use for in-prompt sanitization (see deep-research's <untrusted_source> wrapping).
Repository SourceNeeds Review
fence-awareness
Detects subagent capability escapes by comparing the tool being invoked against the skill's declared allowed-tools list. Use when the developer asks about subagent escape, sees a tool fired from an unexpected skill, or audits delegation.md compliance. Auto-fires on PreToolUse. Best-effort observability only — does not block.
Repository SourceNeeds Review
egress-awareness
Logs every WebFetch / WebSearch / Bash-network destination to an append-only NDJSON and surfaces first-seen domains as advisory warnings. Use when the developer asks "what did this session reach out to?" or "show me egress", wants a per-session list of contacted hosts, asks about an egress-monitor advisory, or wants to inspect state/log.ndjson. Auto-fires on PostToolUse for network tools. Do not use for in-process state inspection (see audit-trail).
Repository SourceNeeds Review
license-awareness
Scans the project's dep tree for license compatibility against an allow/deny policy. Use when the developer asks "what licenses are in here?" or before a release. Reports denied (GPL/AGPL/SSPL), warned (MPL/EPL/CDDL), and allowed (MIT/Apache/BSD/ISC) classifications. Do not use for license-text generation (see SBOM).
Repository SourceNeeds Review
gate-awareness
Helps the developer interpret package-gate advisory findings and decide whether to proceed with a package install. Use when the developer asks about a package-gate warning, supply-chain risk on a specific package, slopsquat / typosquat / maintainer-churn / download-cliff signals, or whether an `npm install` / `pip install` / `pnpm add` / `yarn add` / `uv add` target is safe. Auto-triggers on: "is X safe to install", "package-gate flagged", "typosquat", "slopsquat", "supply-chain risk", "should I install", "this package looks suspicious". Do not use for: post-install vulnerability scans (see vuln-detector), secrets in installed code (see secret-scanner), or actually blocking installs — package-gate is advisory only and the install was not blocked.
Repository SourceNeeds Review