cli-ops

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is primarily educational and architectural, providing guidelines and code templates rather than executable logic. No malicious patterns were identified across any analyzed files.
  • [CREDENTIALS_UNSAFE]: The implementation templates in references/implementation.md promote secure secret management. They use a prioritized lookup: environment variables, followed by the OS Keyring (via the keyring library), with local .env files as a restricted-permission fallback. No hardcoded credentials are present.
  • [EXTERNAL_DOWNLOADS]: The skill references standard, reputable Python libraries (typer, rich, httpx, keyring, python-dotenv) for CLI development. These are well-known packages from the official Python Package Index (PyPI).
  • [DATA_EXFILTRATION]: No exfiltration patterns detected. The Client pattern uses httpx to communicate with a placeholder API domain (api.example.com) for legitimate tool functionality, not for harvesting system data.
  • [PROMPT_INJECTION]: The instructions are descriptive and aim to teach the agent how to build tools that are easy to parse and chain. There are no attempts to override system prompts or bypass safety filters.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:30 AM