Phy Flag Janitor

Security checks across malware telemetry and agentic risk

Overview

The skill's instructions and scope are consistent with a local feature-flag auditing tool, but there are a few small mismatches and safety considerations you should review before running it on sensitive repositories.

This skill appears to do what it says: scan a repository for dead/always-on/always-off flags and produce cleanup guidance. Before using it:

(1) Confirm the executing agent will not auto-run any removal commands; review any generated 'safe-to-delete' commands and run them manually after inspection.

(2) Understand it uses shell tools (grep, find, xargs, sed, etc.); the metadata doesn't list these as required, so ensure those binaries are available.

(3) Running it will read configuration files and .env files; don't run it on repositories containing secrets unless you are comfortable with the output being visible to the agent.

(4) The SKILL.md mentions "git history" but the shown commands don't include git usage; ask the publisher for clarification about how it uses history and whether it will execute git commands.

(5) The source is unknown; if you will run this on sensitive data, consider running it in a controlled environment (local copy or CI job with no network egress) and verify outputs before applying changes.

SkillSpector

By NVIDIA

SkillSpector findings are pending for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
