From 6d033eae591794b4b5e0db1ae626328efbc5a2e1 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 18 May 2026 00:42:15 +0000
Subject: [PATCH 1/3] chore(deps): update anthropics/skills digest to 6a5bb06

---
 skills/claude-api/spec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/skills/claude-api/spec.yaml b/skills/claude-api/spec.yaml
index 230da74..e5e10e4 100644
--- a/skills/claude-api/spec.yaml
+++ b/skills/claude-api/spec.yaml
@@ -9,7 +9,7 @@ metadata:
 
 spec:
   repository: "https://github.com/anthropics/skills"
-  ref: "f458cee31a7577a47ba0c9a101976fa599385174"  # main as of 2026-04-07
+  ref: "6a5bb06904ab164a345e41c381fc9097954b83da"  # main as of 2026-04-07
   path: "skills/claude-api"
   version: "0.1.1"
 

From 6d757b2a29af21bd2d0425b59c767904f1bb0c3d Mon Sep 17 00:00:00 2001
From: "toolhive-release-app[bot]"
 <280093410+toolhive-release-app[bot]@users.noreply.github.com>
Date: Mon, 18 May 2026 00:42:51 +0000
Subject: [PATCH 2/3] chore(skills): bump spec.version for claude-api

---
 skills/claude-api/spec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/skills/claude-api/spec.yaml b/skills/claude-api/spec.yaml
index e5e10e4..d425b7b 100644
--- a/skills/claude-api/spec.yaml
+++ b/skills/claude-api/spec.yaml
@@ -11,7 +11,7 @@ spec:
   repository: "https://github.com/anthropics/skills"
   ref: "6a5bb06904ab164a345e41c381fc9097954b83da"  # main as of 2026-04-07
   path: "skills/claude-api"
-  version: "0.1.1"
+  version: "0.1.2"
 
 provenance:
   repository_uri: "https://github.com/anthropics/skills"

From 816450e21259b533f1f2001253fa5e064edd9194 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio <ozz@stacklok.com>
Date: Wed, 3 Jun 2026 09:46:48 +0300
Subject: [PATCH 3/3] fix(claude-api): allowlist skill-scanner false positives
 for ref 6a5bb06
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The cisco-ai-skill-scanner trigger/behavioral rule packs fire HIGH/CRITICAL
on the new upstream docs (model-migration.md, prompt-caching.md, etc.) pulled
in by this digest bump. All blocking findings are substring/word-fragment
matches on legitimate API documentation prose and code examples — verified
false positives with no executable threat. Added per-rule allowed_issues.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---
 skills/claude-api/spec.yaml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/skills/claude-api/spec.yaml b/skills/claude-api/spec.yaml
index d425b7b..d86acc7 100644
--- a/skills/claude-api/spec.yaml
+++ b/skills/claude-api/spec.yaml
@@ -23,3 +23,39 @@ security:
   allowed_issues:
     - rule_id: SOCIAL_ENG_ANTHROPIC_IMPERSONATION
       reason: "claude-api is packaged from anthropics/skills — the Anthropic branding is authentic, not impersonation."
+    # The cisco-ai-skill-scanner trigger/behavioral rule packs fire on the new
+    # upstream docs (shared/model-migration.md, prompt-caching.md, models.md,
+    # managed-agents-*.md) pulled in at ref 6a5bb06. All blocking findings are
+    # substring/word-fragment matches on legitimate API documentation prose and
+    # code examples — verified false positives, no executable threat. See scan
+    # for anthropics/skills @6a5bb06904ab164a345e41c381fc9097954b83da.
+    - rule_id: ATR_2026_00001
+      reason: "FP: matched prose 'become a concern' in model-migration.md."
+    - rule_id: ATR_2026_00004
+      reason: "FP: matched `{\"role\": \"` JSON message examples in API docs."
+    - rule_id: ATR_2026_00010
+      reason: "FP: matched word fragments in prose (e.g. 'onc'/'balanc'/'differenc'/'intelligenc') and effort/thinking parameter docs."
+    - rule_id: ATR_2026_00012
+      reason: "FP: matched 'system', $ANTHROPIC_API_KEY and getenv() in API documentation examples."
+    - rule_id: ATR_2026_00040
+      reason: "FP: matched the keyword 'EXEC'/exec in documentation."
+    - rule_id: ATR_2026_00051
+      reason: "FP: substring/keyword match on upstream documentation prose; no executable threat."
+    - rule_id: ATR_2026_00063
+      reason: "FP: substring/keyword match on upstream documentation prose; no executable threat."
+    - rule_id: ATR_2026_00064
+      reason: "FP: substring/keyword match on upstream documentation prose; no executable threat."
+    - rule_id: ATR_2026_00066
+      reason: "FP: matched code-fence language tokens (`python`/`bash`/`sh`) in docs."
+    - rule_id: ATR_2026_00091
+      reason: "FP: substring/keyword match on upstream documentation prose; no executable threat."
+    - rule_id: ATR_2026_00111
+      reason: "FP: matched file references and plain words (e.g. `shared/models.md`, `id`, `set`)."
+    - rule_id: ATR_2026_00140
+      reason: "FP: substring/keyword match on upstream documentation prose; no executable threat."
+    - rule_id: ATR_2026_00213
+      reason: "FP: matched the literal phrase 'system prompt' in documentation."
+    - rule_id: PG_PII_CREDENTIAL_HARVESTING
+      reason: "FP: matched prose 'Store MCP credential'; documentation, not credential exfiltration."
+    - rule_id: PG_PII_SSN_HARVESTING
+      reason: "FP: matched prose fragments ('ask the user...', toggle `thinking`); rule is also misconfigured upstream (unknown category 'pii_exposure')."