Skip to main content

ship

Automates the shipping workflow by merging branches, running tests, and creating pull requests, enhancing deployment efficiency.

Install this skill

or
48/100

Security score

The ship skill was audited on Jun 5, 2026 and we found 26 security issues across 3 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 1039

Template literal with variable interpolation in command context

SourceSKILL.md
10391. Read the `/document-release` skill: `cat ${CLAUDE_SKILL_DIR}/../document-release/SKILL.md`
low line 23

Access to hidden dotfiles in home directory

SourceSKILL.md
23_UPD=$(~/.claude/skills/chief/bin/chief-update-check 2>/dev/null || .claude/skills/chief/bin/chief-update-check 2>/dev/null || true)
low line 25

Access to hidden dotfiles in home directory

SourceSKILL.md
25mkdir -p ~/.chief/sessions
low line 26

Access to hidden dotfiles in home directory

SourceSKILL.md
26touch ~/.chief/sessions/"$PPID"
low line 27

Access to hidden dotfiles in home directory

SourceSKILL.md
27_SESSIONS=$(find ~/.chief/sessions -mmin -120 -type f 2>/dev/null | wc -l | tr -d ' ')
low line 28

Access to hidden dotfiles in home directory

SourceSKILL.md
28find ~/.chief/sessions -mmin +120 -type f -delete 2>/dev/null || true
low line 29

Access to hidden dotfiles in home directory

SourceSKILL.md
29_CONTRIB=$(~/.claude/skills/chief/bin/chief-config get chief_contributor 2>/dev/null || true)
low line 30

Access to hidden dotfiles in home directory

SourceSKILL.md
30_PROACTIVE=$(~/.claude/skills/chief/bin/chief-config get proactive 2>/dev/null || echo "true")
low line 34

Access to hidden dotfiles in home directory

SourceSKILL.md
34_LAKE_SEEN=$([ -f ~/.chief/.completeness-intro-seen ] && echo "yes" || echo "no")
low line 36

Access to hidden dotfiles in home directory

SourceSKILL.md
36mkdir -p ~/.chief/analytics
low line 37

Access to hidden dotfiles in home directory

SourceSKILL.md
37echo '{"skill":"ship","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.chief/analytics/skill-usage.j
medium line 43

Access to hidden dotfiles in home directory

SourceSKILL.md
43If output shows `UPGRADE_AVAILABLE <old> <new>`: read `~/.claude/skills/chief/chief-upgrade/SKILL.md` and follow the "Inline upgrade flow" (auto-upgrade if configured, otherwise AskUserQuestion with 4
low line 52

Access to hidden dotfiles in home directory

SourceSKILL.md
52touch ~/.chief/.completeness-intro-seen
medium line 104

Access to hidden dotfiles in home directory

SourceSKILL.md
104**To file:** write `~/.chief/contributor-logs/{slug}.md` with **all sections below** (do not truncate — include every section through the Date/Version footer):
low line 216

Access to hidden dotfiles in home directory

SourceSKILL.md
216~/.claude/skills/chief/bin/chief-review-read
low line 258

Access to hidden dotfiles in home directory

SourceSKILL.md
258source <(~/.claude/skills/chief/bin/chief-slug 2>/dev/null)
low line 259

Access to hidden dotfiles in home directory

SourceSKILL.md
259grep '"skill":"ship-review-override"' ~/.chief/projects/$SLUG/$BRANCH-reviews.jsonl 2>/dev/null || echo "NO_OVERRIDE"
medium line 268

Access to hidden dotfiles in home directory

SourceSKILL.md
268- For Design Review: run `source <(~/.claude/skills/chief/bin/chief-diff-scope <base> 2>/dev/null)`. If `SCOPE_FRONTEND=true` and no design review (plan-design-review or design-review-lite) exists in
low line 272

Access to hidden dotfiles in home directory

SourceSKILL.md
272source <(~/.claude/skills/chief/bin/chief-slug 2>/dev/null)
low line 273

Access to hidden dotfiles in home directory

SourceSKILL.md
273echo '{"skill":"ship-review-override","timestamp":"'"$(date -u +%Y-%m-%dT%H:%M:%SZ)"'","decision":"USER_CHOICE"}' >> ~/.chief/projects/$SLUG/$BRANCH-reviews.jsonl
low line 689

Access to hidden dotfiles in home directory

SourceSKILL.md
689source <(~/.claude/skills/chief/bin/chief-diff-scope <base> 2>/dev/null)
low line 712

Access to hidden dotfiles in home directory

SourceSKILL.md
712~/.claude/skills/chief/bin/chief-review-log '{"skill":"design-review-lite","timestamp":"TIMESTAMP","status":"STATUS","findings":N,"auto_fixed":M,"commit":"COMMIT"}'
low line 807

Access to hidden dotfiles in home directory

SourceSKILL.md
807~/.claude/skills/chief/bin/chief-review-log '{"skill":"codex-review","timestamp":"TIMESTAMP","status":"STATUS","gate":"GATE"}'
low line 47

External URL reference

SourceSKILL.md
47thing when AI makes the marginal cost near-zero. Read more: https://garryslist.org/posts/boil-the-ocean"
low line 51

External URL reference

SourceSKILL.md
51open https://garryslist.org/posts/boil-the-ocean
low line 1024

External URL reference

SourceSKILL.md
1024🤖 Generated with [Claude Code](https://claude.com/claude-code)
Scanned on Jun 5, 2026
View Security Dashboard
Installation guide →
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
openclawdevopsbackenddevops-srebackend-developerfullstack-developerdevelopment
onlypfachi/chief