dev (audit status: Warn)
Audited by Socket on Feb 26, 2026
1 alert found:
Security alert in SKILL.md (severity: MEDIUM)
The 'dev' skill legitimately enables running code and shell commands, but its broad, unrestricted capability constitutes a high security risk in automated or multi-tenant contexts. The documented advisory rules do not provide enforcement; without additional sandboxing, network restrictions, and strict human-in-the-loop controls, granting this skill to an autonomous agent allows credential theft, data exfiltration, remote payload execution, and persistent compromise. Treat usage as high-risk: require explicit human authorization, isolate in strong sandboxes (no network, read-only FS), and prefer interactive one-off execution rather than autonomous agents with this permission.
Confidence: 75% | Severity: 85%
Audit Metadata