Sparkey

The 'sparkey' skill bundle provides a robust framework for granting temporary, restricted SSH access to AI agents using a defense-in-depth approach (certificate TTL, OS account expiry, and a restricted dispatch shell). Analysis of scripts like grant-access.sh and the restricted shell logic shows intentional security controls, such as input sanitization against shell metacharacters, path traversal checks using readlink -f, and automated cleanup via at or systemd-run. The code is well-documented, lacks any evidence of data exfiltration or unauthorized persistence, and aligns perfectly with its stated purpose of providing auditable, time-boxed access.