The Agent Skills Directory

COMMAND_EXECUTION (SAFE): The skill provides terminal commands for project setup and management using official tools like yo, npm, and vsce. These are standard for the intended technical use case.
EXTERNAL_DOWNLOADS (SAFE): It references the installation of trusted packages from the npm registry, such as @vscode/vsce and @vscode/test-electron, which are necessary for extension development.
CREDENTIALS_UNSAFE (SAFE): Guidance regarding Personal Access Tokens (PATs) is consistent with official security practices for publishing to the Marketplace and does not involve hardcoding or unauthorized collection of secrets.
PROMPT_INJECTION (SAFE): Prompt templates included for code review tasks are instructional examples and do not contain directives designed to subvert the AI agent's operational boundaries.

vscode-extension-guide