Install: claude install-skill apache/airflow-steward
<!-- Placeholder convention (see AGENTS.md#placeholder-convention-used-in-skill-files):
<project-config> → adopting project's `.apache-steward/` directory -->
# setup-isolated-setup-doctor
The **diagnostic** layer over the secure agent setup. Complements
the existing setup skills:
- [`setup-isolated-setup-install`](../setup-isolated-setup-install/SKILL.md)
installs the secure setup.
- [`setup-isolated-setup-verify`](../setup-isolated-setup-verify/SKILL.md)
answers *"is the secure setup **installed** correctly?"* —
static checks on settings.json shape, hook wiring, pinned tool
versions. Catches drift and missing pieces.
- [`setup-isolated-setup-update`](../setup-isolated-setup-update/SKILL.md)
surfaces drift against the framework's latest.
- **`setup-isolated-setup-doctor` (this skill)** answers *"are
common workflows **functionally** blocked by the current
sandbox?"* — live probes of SSH agent, port binding, docker /
podman socket. Catches over-restrictive allowlists.

Run `verify` first when the install is in question (fresh
machine, recent framework upgrade, sandbox-state surprise). Run
`doctor` when the install is known good but a workflow fails in
a sandbox-shaped way — agent unreachable, socket error, port
permission error.
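
The difference between a workflow that is blocked and one that is simply not running shows up in the errno a live probe gets back. The sketch below is an added example, not the skill's or the project's own probe code; the verdict names, the function names and the default Docker socket path are assumptions made for illustration.

```python
import errno
import os
import socket

# Permission-shaped errnos: something refused the call, a candidate sandbox restriction.
BLOCKED = {errno.EACCES, errno.EPERM}
# Nothing-there errnos: path missing, or socket file present with no listener.
ABSENT = {errno.ENOENT, errno.ECONNREFUSED}

def classify(exc):
    """Map an OSError raised by a live probe to a coarse verdict (hypothetical names)."""
    if exc.errno in BLOCKED:
        return "blocked"
    if exc.errno in ABSENT:
        return "absent"
    return "error"

def probe_unix_socket(path):
    """Connect to a Unix socket such as $SSH_AUTH_SOCK or a container-engine socket."""
    if not path:
        return "unset"
    try:
        os.stat(path)  # ENOENT vs EACCES separates "not there" from "not allowed"
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.settimeout(2)
            s.connect(path)
        return "ok"
    except OSError as exc:
        return classify(exc)

def probe_bind(port, host="127.0.0.1"):
    """Bind a loopback TCP port; port 0 lets the kernel pick a free one."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.bind((host, port))
        return "ok"
    except OSError as exc:
        return classify(exc)

def run_probes(env=None, docker_sock="/var/run/docker.sock"):
    """Run all three probes; docker_sock default is the usual path, an assumption here."""
    env = os.environ if env is None else env
    return {
        "ssh-agent": probe_unix_socket(env.get("SSH_AUTH_SOCK")),
        "docker": probe_unix_socket(docker_sock),
        "bind": probe_bind(0),
    }

if __name__ == "__main__":
    for name, verdict in run_probes().items():
        print(f"{name:10} {verdict}")
```

A `blocked` verdict is the case worth matching against the troubleshooting entries; `absent` and `unset` usually mean the service itself needs starting.
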
Every probe maps to a numbered entry in
[`docs/setup/sandbox-troubleshooting.md`](../../../docs/setup/sandbox-troubleshooting.md);
the doctor's job is to identify *which* entry applies right now,
not to re-explain the remediat