command-executor

The command-executor skill is a specialized tool for developers and technical users designed to bridge the gap between static documentation and live project execution. It functions as an extension to the command-verify ecosystem, providing the capability to actually execute commands discovered in markdown files rather than simply validating their syntax. This skill is intended for scenarios where you need to confirm that documented workflows, build scripts, or test suites work exactly as described in your repository. It provides a secure environment by requiring explicit user confirmation for sensitive operations and enforcing strict safety boundaries to prevent destructive actions.

• Automatically discovers commands within markdown files and categorizes them by risk level (safe, conditional, or dangerous).

• Performs pre-flight git checks to ensure the working directory is clean and the user is aware of the current branch state.

• Captures execution results including stdout, stderr, exit codes, execution duration, and timestamps into structured JSON cache files.

• Implements a fail-fast execution policy, halting immediately if a command encounters an error to prevent cascading issues.

• Enables performance regression monitoring by comparing current execution times against historical audit logs to detect slow-downs.

• Integrates with Bash tools to provide a live interactive experience for testing commands in real-time.

• Generates a transparent execution plan, allowing users to review the intent before proceeding with non-safe or conditional operations.

• Ideal for verifying npm build, test, lint, and typecheck scripts, or checking version dependencies like node --version.

• Requires user confirmation for commands that modify source files (e.g., npm run format) or manipulate node_modules (e.g., npm install).

• Never executes high-risk operations such as rm -rf, drop database, or git push --force.

• Keeps a comprehensive audit log at .cache/command-validations/audit.log for project history and compliance tracking.

• Uses hash-based storage for individual command outputs to facilitate rapid comparisons and performance analysis.

• Designed for compatibility with existing CI/CD workflows and local project development environments.