ai-tool-compliance

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements a set of local Bash and Python scripts (install.sh, verify.sh, score.sh, gate.sh) to automate the auditing process. These scripts execute standard system utilities like grep, jq, and bc to analyze source code and configuration files within the project directory.
  • [DATA_EXFILTRATION]: The notify.sh script provides a mechanism to send compliance reports to a Slack webhook. This is a common notification pattern for development pipelines and utilizes curl to interact with a well-known external service in a transparent manner.
  • [EXTERNAL_DOWNLOADS]: The GitHub Actions template (templates/ai-tool-compliance.yml) includes instructions to install common dependencies such as jq, curl, and bc using standard package managers. This is typical for setting up a verification environment in automated workflows.
  • [SAFE]: The skill functions as a transparent security and operational auditing tool. Its primary goal is to detect vulnerabilities like hardcoded secrets or bypassed API gateways. All analysis is performed locally, and no signs of prompt injection, persistence mechanisms, or obfuscated code were identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 12:43 PM