The Agent Skills Directory

[COMMAND_EXECUTION]: The provided Python scripts (doctor.py, onboard.py, check_upstream.py) use subprocess.run to interact with local binaries like the surreal CLI and GitHub CLI (gh). These operations are functional, used for checking tool versions and comparing repository states against the skill's snapshot.
[EXTERNAL_DOWNLOADS]: Documentation and installation instructions correctly point to official, trusted sources including Homebrew, Cargo, npm, PyPI, and the official surrealdb GitHub organization repositories for SDKs and ecosystem tools.
[CREDENTIALS_UNSAFE]: Rule files and examples frequently mention default root/root credentials. However, these are strictly limited to local development examples and are accompanied by prominent security warnings advising against their use in production environments.
[DATA_EXFILTRATION]: No unauthorized network activity was detected. check_upstream.py contacts the GitHub API via the gh CLI to check for updates to tracked repositories, which is a transparent and documented maintenance function.
[PROMPT_INJECTION]: No adversarial prompt injection patterns or attempts to override agent safety protocols were found in the instructions or AGENTS.md briefing.

surrealdb