Feat/copilot cli skill parity rebased#68
Merged
josealekhine merged 2 commits intomainfrom Apr 14, 2026
Merged
Conversation
Port all 40 Claude skills to Copilot CLI format with proper YAML frontmatter (tools array instead of allowed-tools string). Includes lifecycle hook scripts (bash + PowerShell), agent instructions, and hook configuration. Contents: - 40 skill SKILL.md files under integrations/copilot-cli/skills/ - 8 hook scripts (session-start/end, pre/post-tool-use × bash/ps1) - INSTRUCTIONS.md agent bootstrap instructions - ctx-hooks.json lifecycle hook configuration - Updated embed.go to include integrations assets - Parity spec document (specs/copilot-feature-parity-kit.md) Signed-off-by: ersan bilik <ersanbilik@gmail.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: ersan bilik <ersanbilik@gmail.com>
Combines two in-flight workstreams into one commit. ## Docstring namespace sweep (parallel agent) Follow-up to the CLI namespace cleanup in 78fbdf7. Updates doc comments, blog posts, recipes, and the regenerated site to reflect current command names (e.g. `ctx pause` → `ctx hook pause`, `ctx resume` → `ctx hook resume`, `ctx message` → `ctx hook message`). Also refreshes the Copilot CLI integration skills added in edaac81 (PR #63) to match the new namespace. Scope: ~450 files across docs/, site/, internal/cli, internal/write, internal/config, .github/, integration skill templates, and .claude/ skill SKILL.md files. ## Git push regex hardening (this session) The `block-dangerous-command` hook's `MidGitPush` regex only matched `git push` mid-command after `;`, `&&`, or `||`. This session accidentally bypassed it with `git -C <path> push` — the permissions deny list `Bash(git push *)` only matches prefix `git push`, so `git -C <path> push` also slipped through. Replace `MidGitPush` with a broader `GitPush` that covers: - Bare `git push` at command start - All separator and subshell entry points (`;`, `&&`, `||`, `|`, `&`, `(`, `$(`, backtick, newline) - Env-var and command-wrapper prefixes (`GIT_DIR=/x git push`, `time git push`, `nice git push`) - Any flag shape between `git` and `push` (`-C path`, `-c key=val`, `--git-dir=/path`, `--no-pager`, `--bare`, `-p`, `-P`) - Tail anchor that distinguishes subcommand from ref names (`push-to-remote`, `push_branch`) via `[^a-zA-Z0-9._/-]|$` Documented trade-offs: accepted false positives on `git log push` and `git commit -m push` (push as literal arg); known blind spots for `eval` / `sh -c` quoting and shell aliases. Adds `internal/config/regex/cmd_test.go` with 42 table-driven cases covering all entry points, flag shapes, prefixes, negative cases (other subcommands, ref-name continuations), and the accepted false-positive classes. Renames the Go symbol `MidGitPush` → `GitPush` to accurately reflect scope; keeps legacy variant string `mid-git-push` and text key `block.mid-git-push` (user-facing message is already generic: "git push requires explicit user approval"). Spec: specs/git-push-regex-hardening.md Spec: specs/cli-namespace-cleanup.md Signed-off-by: Jose Alekhinne <jose@parlakisik.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes: #63
Combines two in-flight workstreams into one commit.
Docstring namespace sweep (parallel agent)
Follow-up to the CLI namespace cleanup in 78fbdf7. Updates
doc comments, blog posts, recipes, and the regenerated site to
reflect current command names (e.g.
ctx pause→ctx hook pause,ctx resume→ctx hook resume,ctx message→ctx hook message).Also refreshes the Copilot CLI integration skills added in
edaac81 (PR #63) to match the new namespace.
Scope: ~450 files across docs/, site/, internal/cli, internal/write,
internal/config, .github/, integration skill templates, and .claude/
skill SKILL.md files.
Git push regex hardening (this session)
The
block-dangerous-commandhook'sMidGitPushregex only matchedgit pushmid-command after;,&&, or||. This sessionaccidentally bypassed it with
git -C <path> push— the permissionsdeny list
Bash(git push *)only matches prefixgit push, sogit -C <path> pushalso slipped through.Replace
MidGitPushwith a broaderGitPushthat covers:git pushat command start;,&&,||,|,&,(,$(, backtick, newline)GIT_DIR=/x git push,time git push,nice git push)gitandpush(-C path,-c key=val,--git-dir=/path,--no-pager,--bare,-p,-P)(
push-to-remote,push_branch) via[^a-zA-Z0-9._/-]|$Documented trade-offs: accepted false positives on
git log pushand
git commit -m push(push as literal arg); known blind spotsfor
eval/sh -cquoting and shell aliases.Adds
internal/config/regex/cmd_test.gowith 42 table-driven casescovering all entry points, flag shapes, prefixes, negative cases
(other subcommands, ref-name continuations), and the accepted
false-positive classes.
Renames the Go symbol
MidGitPush→GitPushto accuratelyreflect scope; keeps legacy variant string
mid-git-pushand textkey
block.mid-git-push(user-facing message is already generic:"git push requires explicit user approval").
Spec: specs/git-push-regex-hardening.md
Spec: specs/cli-namespace-cleanup.md
Signed-off-by: Jose Alekhinne jose@parlakisik.com