Skip to content

Add Vulnetix vulnerability intelligence skills#48

Open
0x73746F66 wants to merge 138 commits into
daymade:mainfrom
0x73746F66:add-vulnetix-skills
Open

Add Vulnetix vulnerability intelligence skills#48
0x73746F66 wants to merge 138 commits into
daymade:mainfrom
0x73746F66:add-vulnetix-skills

Conversation

@0x73746F66

@0x73746F66 0x73746F66 commented Apr 7, 2026

Copy link
Copy Markdown

Adds Vulnetix vulnerability intelligence suite — 7 skills for exploit analysis, fix proposals, scoring, exploits, and package security assessment via the Vulnetix VDB API.

daymade and others added 30 commits March 7, 2026 14:54
…ents

## New Skill: continue-claude-work (v1.1.0)
- Recover actionable context from local `.claude` session artifacts
- Compact-boundary-aware extraction (reads Claude's own compaction summaries)
- Subagent workflow recovery (reports completed vs interrupted subagents)
- Session end reason detection (clean exit, interrupted, error cascade, abandoned)
- Size-adaptive strategy for small/large sessions
- Noise filtering (skips 37-53% of session lines)
- Self-session exclusion, stale index fallback, MEMORY.md integration
- Bundled Python script (no external dependencies)
- Security scan passed, argument-hint added

## Skill Updates
- **skill-creator** (v1.5.0): Complete rewrite with evaluation framework
  - Added agents/ (analyzer, comparator, grader)
  - Added eval-viewer/ (generate_review.py, viewer.html)
  - Added scripts/ (run_eval, aggregate_benchmark, improve_description, run_loop)
  - Added references/schemas.md (eval/benchmark schemas)
  - Expanded SKILL.md with inline vs fork guidance, progressive disclosure patterns
  - Enhanced package_skill.py and quick_validate.py

- **transcript-fixer** (v1.2.0): CLI improvements and test coverage
  - Enhanced argument_parser.py and commands.py
  - Added correction_service.py improvements
  - Added test_correction_service.py

- **tunnel-doctor** (v1.4.0): Quick diagnostic script
  - Added scripts/quick_diagnose.py
  - Enhanced SKILL.md with 5-layer conflict model

- **pdf-creator** (v1.1.0): Auto DYLD_LIBRARY_PATH + rendering fixes
  - Auto-detect and set DYLD_LIBRARY_PATH for weasyprint
  - Fixed list rendering and CSS improvements

- **github-contributor** (v1.0.3): Enhanced project evaluation
  - Added evidence-loop, redaction, and merge-ready PR guidance

## Documentation
- Updated marketplace.json (v1.38.0, 42 skills)
- Updated CHANGELOG.md with v1.38.0 entry
- Updated CLAUDE.md (skill count, marketplace version, daymade#42 description)
- Updated README.md (badges, skill section daymade#42, use case, requirements)
- Updated README.zh-CN.md (badges, skill section daymade#42, use case, requirements)
- Fixed absolute paths in continue-claude-work/references/file_structure.md

## Validation
- All skills passed quick_validate.py
- continue-claude-work passed security_scan.py
- marketplace.json validated (valid JSON)
- Cross-checked version consistency across all docs
- Add _ensure_list_spacing() to handle lists without blank lines before them
- Modify _md_to_html() to preprocess markdown content via stdin
- Add automated test suite (scripts/tests/test_list_rendering.py)
- Fix: Lists without preceding blank lines now render correctly
- Original markdown files remain unmodified (preprocessing in memory only)

Root cause: Pandoc requires blank lines before lists per CommonMark spec.
Without preprocessing, lists following paragraphs render as plain text.

Tested scenarios:
✅ Lists with blank lines (normal case)
✅ Lists without blank lines (critical fix)
✅ Ordered lists without blank lines
✅ Original file integrity preserved

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…on workflow

- Add 10-point high-quality PR formula based on real-world success cases
- Add investigation phase workflow (post to issue before PR)
- Add git history tracing techniques (git log, git blame)
- Add evidence-loop pattern (reproduce → trace → link → post)
- Add high-quality PR case study reference
- Update PR checklist with investigation steps
- Emphasize separation of concerns (detailed analysis in issue, fix summary in PR)

Key principles:
- Deep investigation before coding
- Minimal, surgical fixes
- Professional communication
- No internal/irrelevant details in PR

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ripts

New scripts:
- fix_transcript_timestamps.py: Repair malformed timestamps (HH:MM:SS format)
- split_transcript_sections.py: Split transcript by keywords and rebase timestamps
- Automated tests for both scripts

Features:
- Timestamp validation and repair (handle missing colons, invalid ranges)
- Section splitting with custom names
- Rebase timestamps to 00:00:00 for each section
- Preserve speaker format and content integrity
- In-place editing with backup

Documentation updates:
- Add usage examples to SKILL.md
- Clarify dictionary iteration workflow (save stable patterns only)
- Update workflow guides with new script references
- Add script parameter documentation

Use cases:
- Fix ASR output with broken timestamps
- Split long meetings into focused sections
- Prepare sections for independent processing

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add skill to fix broken line wrapping in Claude Code exported .txt files.
Reconstructs tables, paragraphs, paths, and tool calls that were hard-wrapped
at fixed column widths.

Features:
- State-machine parser with next-line look-ahead
- Handles 10 content types (user prompts, Claude responses, tables, tool calls, etc.)
- Pangu spacing for CJK/ASCII mixed text
- 53 automated validation checks
- Safety: never modifies original files, verifies marker counts

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds dependency detection before skill creation starts, preventing
mid-workflow failures (e.g., gitleaks missing at packaging, PyYAML
missing at validation). Documents correct script invocation via
python3 -m syntax and auto-installation commands.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…losure

Move verbose sections to references/ files, keeping concise pointers in
CLAUDE.md. Zero content loss — all documentation preserved in reference
files that Claude loads on demand.

Moved to references/:
- plugin-architecture.md (296 lines) — architecture docs
- plugin-troubleshooting.md (441 lines) — installation debugging
- new-skill-guide.md (241 lines) — detailed templates/checklists
- promotion-policy.md (60 lines) — third-party request policy
- youtube-downloader/references/internal-sop.md — yt-dlp SOP

Also fixed: Available Skills daymade#36-42 indentation, deduplicated 4x
versioning sections into one, removed stale notes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- add scrapling-skill with validated CLI workflow, diagnostics, packaging, and docs integration
- fix skill-creator package_skill.py so direct script invocation works from repo root
- fix continue-claude-work extract_resume_context.py typing compatibility for local python3
- bump marketplace to 1.39.0 and updated skill versions
Replace real Zhipu GLM API key with fake placeholder in mask_secret()
and SecretStr docstring examples. The real key was exposed in this
PUBLIC repo.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ndings

transcript-fixer:
- Add common_words.py safety system (blocks common Chinese words from dictionary)
- Add --audit command to scan existing dictionary for risky rules
- Add --force flag to override safety checks explicitly
- Fix substring corruption (产线数据→产线束据, 现金流→现现金流)
- Unified position-aware replacement with _already_corrected() check
- 69 tests covering all production false positive scenarios

tunnel-doctor:
- Add Step 5A: Tailscale SSH proxy silent failure on WSL
- Add Step 5B: App Store vs Standalone Tailscale on macOS
- Add Go net/http NO_PROXY CIDR incompatibility warning
- Add utun interface identification (MTU 1280=Tailscale, 4064=Shadowrocket)
- Fix "Four→Five Conflict Layers" inconsistency in reference doc
- Add complete working Shadowrocket config reference

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Claude IS the AI — when running inside Claude Code, use Claude's own
language understanding for Stage 2 corrections instead of calling an
external API. No API key needed by default.

New capabilities in native mode:
- Intelligent paragraph breaks at logical topic transitions
- Filler word reduction (excessive repetition removal)
- Interactive review with confidence-level tables
- Context-aware judgment using full document context

API mode (GLM) remains available for batch/automation use cases.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…AskUserQuestion

New skill: asr-transcribe-to-text (v1.0.0)
- Transcribe audio/video via configurable ASR endpoint (Qwen3-ASR default)
- Persistent config in CLAUDE_PLUGIN_DATA (endpoint, model, proxy bypass)
- Single-request-first strategy (empirically proven: 55min in one request)
- Fallback overlap-merge script for very long audio (18min chunks, 2min overlap)
- AskUserQuestion at config init, health check failure, and output verification

skill-creator optimization (v1.5.1 → v1.6.0)
- Add AskUserQuestion best practices section (Re-ground/Simplify/Recommend/Options)
- Inject structured decision points at 8 key workflow stages
- Inspired by gstack's atomic question pattern

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Rename skill to better reflect its purpose (document-to-markdown conversion)
- Update SKILL.md name, description, and trigger keywords
- Add benchmark reference (2026-03-22)
- Update marketplace.json entry (name, skills path, version 2.0.0)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…gnosis

Real-world findings from debugging docker build failures on macOS with
OrbStack + Shadowrocket:

- Add docker pull vs docker build vs docker run proxy path distinction table
- Add 2G-1: --network host workaround for OrbStack transparent proxy broken by TUN
- Rewrite 2G-2: use host.internal (not 127.0.0.1) for OrbStack Docker proxy
- Add 2G-4: container healthcheck failure from lowercase http_proxy env var leak
- Add 3 new symptom entries to Step 1 diagnostic index
- Add smoking gun diagnosis: wget showing "127.0.0.1: Connection refused"

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… full rename cleanup

- Add CJK bold spacing fix: insert spaces around **bold** spans containing
  CJK characters for correct rendering (handles emoji adjacency, already-spaced)
- Add JSON pretty-print: auto-format JSON code blocks with 2-space indent
- Add 31 unit tests covering all post-processing functions
- Fix pandoc simple table detection (1-space column gaps)
- Fix image path double-nesting when --assets-dir ends with 'media'
- Rename all markdown-tools references across 15 files (README, QUICKSTART,
  marketplace.json, CLAUDE.md, meeting-minutes-taker, GitHub templates)
- Add 5-tool benchmark report (Docling/MarkItDown/Pandoc/Mammoth/ours)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… to 2.1.0

Sync description with actual capabilities: CJK bold spacing, JSON pretty-print,
simple table support, 31 tests, benchmark score. Add cjk/chinese keywords.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…kill draft

- pdf-creator v1.2.0: theme system (default/warm-terra), dual backend
  (weasyprint/chrome auto-detect), argparse CLI, extracted CSS to themes/
- terraform-skill: operational traps from real deployments (provisioner
  timing, DNS duplication, multi-env isolation, pre-deploy validation)
- asr-transcribe-to-text: add security scan marker

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…iew Team

- Correct source accessibility: distinguish circular verification (forbidden)
  from exclusive information advantage (encouraged)
- Add Counter-Review Team with 5 specialized agents (claim-validator,
  source-diversity-checker, recency-validator, contradiction-finder,
  counter-review-coordinator)
- Add Enterprise Research Mode: 6-dimension data collection framework
  with SWOT, competitive barrier, and risk matrix analysis
- Update version to 2.4.0
- Add comprehensive reference docs:
  - source_accessibility_policy.md
  - V6_1_improvements.md
  - counter_review_team_guide.md
  - enterprise_analysis_frameworks.md
  - enterprise_quality_checklist.md
  - enterprise_research_methodology.md
  - quality_gates.md
  - report_template_v6.md
  - research_notes_format.md
  - subagent_prompt.md

Based on "深度推理" case study methodology lessons learned.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ample

Replace \"深度推理(上海)科技有限公司\" with \"字节跳动子公司\"
as the case study example to avoid exposing user's own company info.

Also update .gitignore to exclude:
- deep-research-output/ (contains sensitive research data)
- recovered_deep_research/
- .opencli/
- douban-skill/ (work-in-progress)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…dology

New skill: douban-skill
- Full export of Douban (豆瓣) book/movie/music/game collections via Frodo API
- RSS incremental sync for daily updates
- Python stdlib only, zero dependencies, cross-platform (macOS/Windows/Linux)
- Documented 7 failed approaches (PoW anti-scraping) and why Frodo API is the only working solution
- Pre-flight user validation, KeyboardInterrupt handling, pagination bug fix

skill-creator enhancements:
- Add development methodology reference (8-phase process with prior art research,
  counter review, and real failure case studies)
- Sync upstream changes: improve_description.py now uses `claude -p` instead of
  Anthropic SDK (no ANTHROPIC_API_KEY needed), remove stale "extended thinking" ref
- Add "Updating an existing skill" guidance to Claude.ai and Cowork sections
- Restore test case heuristic guidance for objective vs subjective skills

README updates:
- Document fork advantages vs upstream with quality comparison table (65 vs 42)
- Bilingual (EN + ZH-CN) with consistent content

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…UDE.md)

Prevents sensitive data (user paths, phone numbers, personal IDs) from
entering git history. Born from redacting 6 historical commits.

- .gitleaks.toml: custom rules for absolute paths, phone numbers, usernames
- .githooks/pre-commit: dual-layer scan (gitleaks + regex fallback)
- CLAUDE.md: updated Privacy section documenting the defense system

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…nciple, add date handling rules

- SKILL.md length driven by information density, not line count
- Factual dates (release dates, "last verified") should be kept — they help readers judge freshness
- Conditional date logic ("before X use old API") should be avoided

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… recovery

Previously, recover_content.py saved all files flat in the output directory,
causing files with the same name (e.g., src/utils.py and tests/utils.py) to
overwrite each other.

Now the script preserves the original directory structure, creating subdirectories
as needed within the output directory.

- Bump version: 1.0.0 → 1.0.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace hardcoded user paths that triggered gitleaks PII detection:
- /Users/username/ → ~/
- /Users/user/ → ~/
- -Users-username- → -Users-<username>- (normalized paths)

Also fix the sed example to use <home> placeholder instead of
regex pattern that would match actual usernames.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Update SKILL.md and workflow_examples.md to reflect the new behavior
of recover_content.py which now preserves original directory structure:

- SKILL.md: Add 'preserving the original directory structure' note
- SKILL.md: Update verification examples to use find command and
  show subdirectory paths (e.g., ./recovered_content/src/components/)
- workflow_examples.md: Update diff example to account for nested paths

Version bump: 1.0.1 → 1.0.2

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
asr-transcribe-to-text:
- Add local MLX transcription path (macOS Apple Silicon, 15-27x realtime)
- Add bundled script transcribe_local_mlx.py with max_tokens=200000
- Add local_mlx_guide.md with benchmarks and truncation trap docs
- Auto-detect platform and recommend local vs remote mode
- Fix audio extraction format (MP3 → WAV 16kHz mono PCM)
- Add Step 5: recommend transcript-fixer after transcription

transcript-fixer:
- Optimize SKILL.md from 289 → 153 lines (best practices compliance)
- Move FALSE_POSITIVE_RISKS (40 lines) to references/false_positive_guide.md
- Move Example Session to references/example_session.md
- Improve description for better triggering (226 → 580 chars)
- Add handoff to meeting-minutes-taker

skill-creator:
- Add "Pipeline Handoff" pattern to Skill Writing Guide
- Add pipeline check reminder in Step 4 (Edit the Skill)

Pipeline handoffs added to 8 skills forming 6 chains:
- youtube-downloader → asr-transcribe-to-text → transcript-fixer → meeting-minutes-taker → pdf/ppt-creator
- deep-research → fact-checker → pdf/ppt-creator
- doc-to-markdown → docs-cleaner / fact-checker
- claude-code-history-files-finder → continue-claude-work

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
SKILL.md: rewritten following Anthropic best practices
- Concise (233 lines, down from 347)
- Critical VHS parser limitations section (base64 workaround)
- Advanced patterns: self-bootstrap, output filtering, frame verification
- Better description for skill triggering

New files:
- references/advanced_patterns.md: production patterns from dbskill project
- assets/templates/self-bootstrap.tape: self-cleaning demo template

auto_generate_demo.py: new flags
- --bootstrap: hidden setup commands (self-cleaning state)
- --filter: regex pattern to filter noisy output
- --speed: post-processing speed multiplier (gifsicle)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
daymade and others added 28 commits April 26, 2026 22:49
Add .claude/settings.local.json and .claude/archive/ to .gitignore
to prevent local configuration and session archives from being committed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…1.0.0

Six-phase workflow: source collection → narrative discussion (ABCDEFG model)
→ content structuring → prompt generation → image generation → post-processing.
Delegates visual generation to baoyu-slide-deck while focusing on what
machines can't do: narrative co-design with humans.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Add slides-creator plugin entry to marketplace.json
- Update metadata.version: 1.48.0 → 1.49.0
- Update skills count: 48 → 49, plugin entries: 52 → 53
- Update README.md / README.zh-CN.md badges, skill listings, use cases, docs
- Update CLAUDE.md overview count, plugin count, Available Skills list
- Fix competitors-analysis SKILL.md YAML frontmatter quoting

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Move suites/daymade-docs/ and suites/daymade-claude-code/ up to the repo
root, removing the suites/ intermediate layer. Plugin names, install
commands, and skill invocations are unchanged for end users; only the
on-disk layout and source paths in marketplace.json moved. claude plugin
update will re-fetch from the new paths automatically.

Also bundles previously-uncommitted pdf-creator edits (SKILL.md +
scripts/md_to_pdf.py) carried along by the git mv.

- marketplace.json: 15 source paths rewritten; version 1.49.0 → 1.50.0
- CLAUDE.md / README.md / README.zh-CN.md / references/new-skill-guide.md:
  doc references updated
- marketplace-dev SKILL.md + cache_and_source_patterns.md: pattern
  examples updated to match the new layout
- CHANGELOG.md: new v1.50.0 entry; older entries describing prior
  migrations into suites/ retained as historical record
- Fixed pre-existing suites/daymade-claude-code/suites/daymade-claude-code/
  double-prefix typo in two README locations
- check_marketplace.sh: 4/4 PASS

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Skill iteration workspace, follows the same pattern as the pre-existing
douban-skill-workspace/ entry.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…d bump to v1.51.0

Land the two skill directories that were missing from git history. The
plugin entries already existed in marketplace.json (carried into commit
1f72904 as uncommitted draft modifications during the suite-flatten
rewrite), but the skill directories themselves and all documentation
surfaces were never synchronized — install would have failed to resolve
./debugging-network-issues and ./stepfun-tts. This commit completes that
half-done registration.

Skills:
- debugging-network-issues v1.0.0: Evidence-driven, falsification-first
  methodology for network/streaming/protocol-layer bugs (HTTP/2 RST_STREAM,
  SSE stalls, fixed-time drops, CDN/proxy/CGNAT idle timeouts). Bundles
  layered-isolation probe scripts and a real SSE 130s case study.
- stepfun-tts v1.0.0: StepFun StepAudio 2.5 family — stepaudio-2.5-tts
  (Contextual TTS via instruction + inline parentheses) and
  stepaudio-2.5-asr (SSE endpoint, 32K context, ~100x RTF, 30-min
  single-call). Captures the three step-tts-2 → stepaudio-2.5 breaking
  changes with migration playbook.

Manifest sync:
- marketplace.json: metadata.version 1.50.0 → 1.51.0
- CHANGELOG.md: v1.51.0 entry with the half-done-registration note
- README.md / README.zh-CN.md: badges, descriptions, skill sections daymade#49+daymade#50,
  Use Cases, Documentation Quick Links, Requirements
- CLAUDE.md: skill count 49 → 51, plugin count 53 → 55, Available Skills

check_marketplace.sh: 4/4 PASS

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…(v1.4.0)

Adds two-layer CJK typography handling without modifying user markdown
or theme CSS files:

- Layer 1: _load_theme() appends a CJK CSS patch (table-layout: fixed,
  word-break: keep-all, line-break: strict) to fix the most common
  weasyprint CJK rendering issue — single-character cell wrapping when
  one column has 5x more content than another.
- Layer 2: post-render typography lint via pdftotext -layout scans for
  known CJK anti-patterns (orphan single CJK char, broken bracket pairs,
  short lines ending with mid-thought punctuation). Findings are
  warnings, not errors; PDF still generates and the author decides
  whether to accept, shorten, or restructure.

Also bundles theme CSS refinements (default.css +58, warm-terra.css +35)
and a new self-check preview test (test_self_check_preview.py).

- pdf-creator: v1.3.2 → v1.4.0 (MINOR — new feature: CJK auto-injection)
- SKILL.md documents the layer architecture and the deliberate choice not
  to silently auto-fix everything (per CLAUDE.md "禁止隐式行为" rule).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Default theme: tighten font-size scale so all body-adjacent elements
(inline code / table / pre) sit within ≤1pt of body, eliminating the
visual "noticeably smaller" gap on long-form Chinese documents.

- body: 12pt -> 11.5pt; line-height 1.8 -> 1.6
- heading scale: h1 17pt / h2 15pt / h3 13pt / h4 12.5pt /
  h5 12pt + left border / h6 11.5pt italic
- inline code: 10pt -> 11pt (was 2pt smaller than body)
- table: 10pt -> 11pt
- pre code: 9pt -> 10.5pt; line-height 1.6 -> 1.5
- .cjk-code-block matches table

test_self_check_preview.py: fix script path resolution.
Old: cwd.parent / "md_to_pdf.py" (resolved to pdf-creator/md_to_pdf.py
which doesn't exist). New: scripts_dir / "md_to_pdf.py" with renamed
parameter and clarifying docstring on cwd semantics.

Tests: 14/14 passing (self_check_preview 4/4 + list_rendering 4/4
+ cjk_code_blocks 6/6).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Inline code with mixed ASCII + CJK content (e.g. `Shift + 右键`,
`Cmd + Space`, `Option 键`) was rendering with the CJK chars
INVISIBLE — only the ASCII parts and code box background showed.

Root cause: code/pre code font-family chain was
'Menlo', 'PingFang SC', 'Heiti SC', 'Noto Sans CJK SC', monospace
weasyprint's fontconfig often fails to register PingFang SC /
Heiti SC / Noto Sans CJK SC, so CJK fell through to the generic
'monospace' which has no CJK glyphs → chars dropped silently.

Fix: append 'Songti SC', 'SimSun' to the chain (same fonts the
body successfully uses). Songti SC is registered, so CJK chars in
inline/pre code now always render even if PingFang/Heiti/Noto are
unavailable. Trade-off: when those preferred CJK monospace are
missing, CJK falls back to a serif (Songti) inside the monospace
code box — readability > invisibility.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add defensive page-break rules so a single <tr> never gets split
across page boundaries (which causes mid-line cell content cuts and
no header repeat — major readability hit).

- tr { page-break-inside: avoid; break-inside: avoid }
  CSS 2.1 + CSS3 Fragmentation aliases for cross-engine safety.
  weasyprint honors both and pushes the row to next page if it
  doesn't fit. Trade-off: short rows at page bottom may get pushed,
  leaving white space — readability > compactness.

- thead { display: table-header-group }
  Repeats the header row on each page when a table spans pages.
  Standard CSS print idiom, weasyprint native support.

Pages-count delta on a 11-page Chinese SOP: 0 (no row was actually
being split today). This is defensive — protects future content
from silent fragmentation regressions.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…t Menlo)

The previous fallback-chain fix (3cb9823) added 'Songti SC, SimSun' to
the code font-family chain. weasyprint still picked Menlo for CJK chars
in mixed-script inline code (e.g. `Terminal/终端`), marking them with a
Menlo font reference in the PDF even though Menlo has no CJK glyphs.

Symptom: Chrome's PDF viewer auto-fell-back so CJK rendered fine, but
strict readers (macOS Preview, Adobe Reader, most print drivers) showed
blanks where CJK should be — only the ASCII parts of inline code visible.

Root cause: weasyprint's font-selection algorithm doesn't probe
per-glyph availability when picking the primary font for a run.

Fix: declare 'Menlo' via @font-face with unicode-range limited to
Latin / Latin-Ext / general punctuation / currency / letterlike. This
makes weasyprint skip Menlo for any CJK char and pick the next chain
font (PingFang SC → Heiti SC → Songti SC) which has CJK glyphs.

Verified with pdfplumber: '终' '端' chars now reference
EIATWD+PingFang-SC / HMHQRL+Heiti-SC-Bold / OKAPEP+Songti-SC-Bold
in the PDF (no more Menlo references for CJK).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… chain

PingFang SC ships as OpenType (CID Type 0C) on macOS. weasyprint's
subset-embedded OpenType CJK glyphs render correctly in Chrome but
show blank squares in macOS Preview / Adobe Reader / many print
drivers — known weasyprint + Preview compatibility issue with subset
OT-CJK fonts.

Songti SC and Heiti SC are CID TrueType and don't have this issue
(verified by inspection: body text using Songti SC renders fine on
all readers).

Reorder the inline code font-family chain to prefer the CID TrueType
CJK fonts:
  before: 'Menlo', 'PingFang SC', 'Heiti SC', ..., 'Songti SC', 'SimSun', monospace
  after:  'Menlo', 'Songti SC', 'Heiti SC', 'SimSun', 'PingFang SC', ..., monospace

Verified with pdfplumber on the same SOP page that previously broke:
"右键" now references OKAPEP+Songti-SC-Bold (CID TrueType) instead of
MQZJZV+PingFang-SC-Semi-Bold (CID Type 0C OT), so Preview will render
the glyphs correctly.

Trade-off: inline code CJK glyphs are now serif (Songti SC) instead of
sans-serif. Acceptable — readability across all PDF readers > monospace
visual consistency for one font feature.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…h counts

Pandoc reads dash counts in the markdown table separator row and emits
<colgroup><col style="width:X%"> as inline styles in HTML. For tables
with one short-label column and one very long column (e.g. col1 is
"4/28(周二)下午" 9 chars, col4 is a 30+ char address), pandoc allocates
col1 ~17% width — too narrow for CJK labels — forcing mid-token line
breaks like `4/28(周|二)下|午`.

Inline styles beat external stylesheet rules at equal specificity, so
no `td:first-child { width: ... }` rule could override the inline width.
The fix uses `!important` on `<col>` to neutralize pandoc's hint, letting
weasyprint's `table-layout: fixed` distribute width equally (25% per
column for a 4-col table — enough for typical CJK labels).

Authors who genuinely want explicit column widths can still write
raw HTML <colgroup> in markdown.

Verified by 3 parallel agent investigations (CSS-only / HTML postprocess
/ markdown grid-table). Picked CSS-only as simplest one-line fix.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… mid-break (pandoc colgroup)

Add 2 troubleshooting entries to SKILL.md covering the two CJK rendering
bugs fixed in recent commits (3cb9823 / 6f29306 / 04e404f):

1. Inline code with mixed CJK + ASCII shows blanks in macOS Preview
   - Cause: weasyprint subset-embeds PingFang SC as CID Type 0C
     OpenType, which strict PDF readers (Preview / Adobe) cannot render
     reliably. Chrome PDF viewer auto-fallbacks and hides the bug.
   - Fix already in default theme: prefer CID TrueType (Songti / Heiti)
     before OpenType (PingFang) in code font-family chain.
   - Verify with pdfplumber font-name inspection.

2. Table column 1 with short label gets mid-broken
   (e.g. `4/28(周|二)下|午`)
   - Cause: pandoc auto-emits <colgroup><col style="width:X%"> from
     dash counts in the markdown separator row. Inline style beats
     external CSS — `td:first-child { width:... }` silently shadowed.
   - Fix already in default theme:
     `table colgroup col { width: auto !important }`
   - Verify with `pandoc input.md -t html | grep colgroup`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…+ jq/py fallback (v1.1.0)

- Add context window usage display (actual tokens: 88.9K/1.0M + percentage)
- human() formatter: K/M suffixes with one decimal for readability
- Color-coded thresholds: green ≤50%, yellow 51-80%, red >80%
- Auto-detect jq vs python3 for JSON parsing (Windows compat)
- merge 8 jq calls into 1 (performance)
- Add --no-optional-locks to rev-parse
- New reference: context-window-schema.md (full statusline JSON schema)
- SKILL.md: Dependencies section, context window docs, updated examples
Remove files accidentally generated by an unexpected ralph loop run:
- package.json, package-lock.json (not a Node.js project)
- EOF, TECHNICAL_DEBT.md (spurious files)
- .claude/archive/ralph-*.md (10 archive files)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Remove standalone skill-creator plugin to avoid conflict with
  financial-services-plugins' bundled skill-creator
- Add daymade-skills suite plugin containing ./skill-creator
- Enables /daymade-skills:skill-creator invocation path

chore(gitleaks): allowlist Douban public API key

- 0dad551ec0f84ed02907ff5c42e8ec70 is documented as Douban mobile
  app's public API key, used for zero-config demos

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…aymade-skill suite

Consolidates the three skill-lifecycle tools under a single suite directory,
matching the daymade-docs and daymade-claude-code suite patterns.

- Moves skill-creator/, skill-reviewer/, skills-search/ → daymade-skill/
- Renames marketplace suite plugin: daymade-skills → daymade-skill
- Removes standalone skill-reviewer and skills-search plugin entries
- Updates all path references in CLAUDE.md, README*, QUICKSTART*, PR template

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…docs

- batch_convert.py: add --theme, --backend, --no-preview flags
- themes/mobile.css: new mobile-friendly theme (148mm×210mm, 15px, 1.9 line-height)
- SKILL.md: pushier description, Anti-Pattern section, Print vs Mobile decision table

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Claude Code 2.1.x path-escape validator rejects skills: ["./"] as
escaping the plugin root. These 13 suite member plugins already have
source pointing to the correct skill directory — the explicit skills
field was redundant. Removing it lets auto-discovery handle resolution.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adopt the pattern used by 167/168 plugins in anthropics/claude-plugins-official:
- source points directly to the skill directory (not repo root)
- skills field omitted (auto-discovery from source directory)

Before: source="./"  skills=["./tunnel-doctor"]
After:  source="./tunnel-doctor"  (no skills field)

39 root-level single-skill plugins migrated. The 3 suite plugins
(daymade-claude-code, daymade-docs, daymade-skill) retain explicit
skills arrays for multi-skill routing — matching the netsuite-suitecloud
pattern in the official marketplace.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Update 11 files to reflect the new plugin configuration pattern:
- source points directly to skill directory (not repo root)
- skills field omitted for single-skill plugins (auto-discovery)
- skills field retained only for suite plugins (multi-skill routing)

Files updated:
- CLAUDE.md: marketplace config description, plugin count 57→55
- references/new-skill-guide.md: plugin entry template
- references/plugin-architecture.md: config examples, install flow
- references/plugin-troubleshooting.md: naming mismatch examples
- marketplace-dev/SKILL.md: source/skills guidance, checklist, template
- marketplace-dev/references/: cache patterns, anti-patterns, schema
- skill-creator/SKILL.md: marketplace registration template
- claude-skills-troubleshooting/references/architecture.md: schema example
- marketplace-dev/hooks/post_edit_sync_check.sh: match skills via
  source path when skills array is absent

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bundle 5 audio/speech skills into a new suite covering the full pipeline:
recording → ASR transcription → transcript correction → meeting minutes → TTS

Suite members:
  - asr-transcribe-to-text (from repo root)
  - stepfun-asr (from repo root, newly tracked)
  - transcript-fixer (from repo root)
  - meeting-minutes-taker (from daymade-docs — semantic analysis,
    not document format processing)
  - stepfun-tts (from repo root)

Marketplace 1.53.2 → 1.54.0, plugin entries 55 → 56
(4 suites: daymade-audio, daymade-claude-code, daymade-docs, daymade-skill).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sync badge counts (skills 51→52, version 1.51.0→1.52.0) and add
stepfun-asr skill entry in both English and Chinese READMEs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Overhaul statusline-generator with improved context window display,
health check script, customization guide, and troubleshooting
decision tree.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- tunnel-doctor: add DNS resolver chain stall documentation (layer 5)
- feishu-doc-scraper: track new skill files
- Remove COMPETITOR_MATRIX.md (stale, not maintained)
- Remove wechat-article-scraper path patterns from .pii-path-patterns
  (skill was previously unregistered from marketplace)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@daymade daymade force-pushed the main branch 2 times, most recently from 915a8c6 to 9c9615e Compare June 28, 2026 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants