Least Privilege Access Design

This instruction-only skill is internally consistent with its stated purpose (least‑privilege analysis) and does not request unexpected installs, credentials, or persistent privileges.

This skill appears coherent and low-risk, but it legitimately needs access to your codebase, IAM/policy files, runbooks, and architecture diagrams to do its job. Before installing or invoking it: (1) grant the skill only the minimal repository/config read access required—avoid giving write or broad admin rights unless necessary; (2) do not expose live secrets or credentials in the input artifacts you supply; (3) prefer running the analysis in a controlled/staging environment or on redacted copies if the repository contains sensitive data; (4) limit optional shell/grep execution permissions if your platform supports tool-level restrictions; and (5) review the produced recommendations and any automated changes manually before applying them. If you cannot or will not share IAM/policy files, use the skill in interview mode with engineers instead.