emergency-rescue
Provides step-by-step recovery procedures for developers facing critical issues like force pushes, lost commits, and deployment failures.
Install this skill
Security score
The emergency-rescue skill was audited on Feb 9, 2026 and we found 32 security issues across 3 threat categories, including 6 high-severity. Review the findings below before installing.
Categories Tested
AI Security Analysis
An AI model reviewed this skill's content and provided the following security assessment:
The skill contains several instances of accessing sensitive files and making external calls, which could be legitimate in the context of recovering from developer disasters. However, the presence of multiple file access patterns, especially related to SSH keys and .env files, raises concerns about potential misuse. The external calls to non-GitHub URLs could also indicate data exfiltration risks. A manual review is needed to ensure these actions are safe and intended.
Security Issues
Curl to non-GitHub URL
| 647 | curl -s -o /dev/null -w "%{http_code}" https://myapp.example.com/health |
Curl to non-GitHub URL
| 720 | curl -sI https://mysite.com | head -5 |
Access to hidden dotfiles in home directory
| 298 | rm -rf ~/.npm/_cacache |
Access to hidden dotfiles in home directory
| 737 | ssh -i ~/.ssh/specific_key user@host # Try explicit key |
Access to hidden dotfiles in home directory
| 738 | chmod 600 ~/.ssh/id_rsa # Fix key permissions |
Access to hidden dotfiles in home directory
| 739 | chmod 700 ~/.ssh # Fix .ssh dir permissions |
Access to hidden dotfiles in home directory
| 911 | # Check Trash first: ~/.Trash/ |
Access to hidden dotfiles in home directory
| 933 | chmod 700 ~/.ssh |
Access to hidden dotfiles in home directory
| 934 | chmod 600 ~/.ssh/id_rsa |
Access to hidden dotfiles in home directory
| 935 | chmod 644 ~/.ssh/id_rsa.pub |
Access to hidden dotfiles in home directory
| 936 | chmod 600 ~/.ssh/authorized_keys |
Access to hidden dotfiles in home directory
| 937 | chmod 644 ~/.ssh/config |
Access to SSH directory
| 737 | ssh -i ~/.ssh/specific_key user@host # Try explicit key |
Access to SSH directory
| 738 | chmod 600 ~/.ssh/id_rsa # Fix key permissions |
Access to SSH directory
| 934 | chmod 600 ~/.ssh/id_rsa |
Access to SSH directory
| 935 | chmod 644 ~/.ssh/id_rsa.pub |
Access to SSH directory
| 936 | chmod 600 ~/.ssh/authorized_keys |
Access to SSH directory
| 937 | chmod 644 ~/.ssh/config |
Access to .env file
| 192 | echo ".env" >> .gitignore |
Access to .env file
| 218 | ### .env file pushed to public repo |
Access to .env file
| 221 | # STEP 1: Revoke ALL credentials in that .env file. All of them. Now. |
Access to .env file
| 224 | git rm --cached .env |
Access to .env file
| 225 | echo ".env" >> .gitignore |
Access to .env file
| 227 | git commit -m "Remove .env from tracking" |
Access to .env file
| 230 | git filter-repo --path .env --invert-paths |
Access to .env file
| 233 | # List every variable that was in the .env: |
Access to .env file
| 234 | git show HEAD~1:.env 2>/dev/null || git log --all -p -- .env | head -50 |
Access to .env file
| 240 | if git diff --cached --name-only | grep -qE '\.env$|\.env\.local$|credentials'; then |
Access to .env file
| 242 | echo "Files: $(git diff --cached --name-only | grep -E '\.env|credentials')" |
External URL reference
| 201 | # Download from https://rtyley.github.io/bfg-repo-cleaner/ |
External URL reference
| 647 | curl -s -o /dev/null -w "%{http_code}" https://myapp.example.com/health |
External URL reference
| 720 | curl -sI https://mysite.com | head -5 |