Forge 🔨 Repair-Inspect Loop

This skill appears to implement the advertised repair→inspect orchestration, but take these precautions before installing or running it on real repositories: 1. Audit scripts/forge.py (search for subprocess.run/exec/git calls and any network operations). Confirm exactly how commits and external commands are executed. 2. Disable auto-commit and automatic auto-looping during initial evaluation (set config.auto_commit = False and run single-step manual flows). Require human approval before any git push or commit to protected branches. 3. Review how 'universal' patterns are extracted and stored (forge/reflections/patterns.jsonl). If you will run this across multiple projects, either turn off universal extraction or ensure a strict sanitization step to remove any project-specific paths, sample data, or secrets. 4. Treat the doc-sync step as untrusted code execution: it will run project-provided scripts (e.g., scripts/tools/doc-sync-checker.py) if present. Only enable that in isolated/test environments or after reviewing those scripts. 5. Populate protected-files.txt for anything that must never be touched (credentials, deployment scripts, CI config). Test the protected-files enforcement on a sandbox repo with safe dummy files. 6. Run the skill first in a disposable clone/branch with no secrets, and inspect forge-output and reflections files to ensure no sensitive data is being recorded or leaked across projects. If you want, provide the full forge.py content (or search results for subprocess/git/network usage) and I can point to the exact lines to review and suggest safer configuration changes.