The Agent Skills Directory

[COMMAND_EXECUTION] (MEDIUM): The skill's 'Validation Workflow' and 'Sync to Vercel' sections explicitly instruct the agent to run Python scripts that are not provided within the skill package.
Evidence: python scripts/validate_env.py .env.local --framework nextjs in SKILL.md
Evidence: python scripts/scan_exposed.py --check-gitignore in SKILL.md
Evidence: python scripts/sync_secrets.py --platform vercel --sync in SKILL.md
Risk: An agent is directed to execute logic that has not been audited or included in the skill, which could lead to arbitrary code execution if malicious scripts are present in the project directory.
[CREDENTIALS_UNSAFE] (LOW): The documentation contains multiple hardcoded example credentials and secret key patterns.
Evidence: STRIPE_SECRET_KEY=sk_live_xyz789 and DATABASE_URL=postgres://user:password@host:5432/database in SKILL.md.
Risk: While these appear to be placeholders or illustrative examples, they represent high-entropy sensitive data types that are targets for exfiltration.

nextjs-env-variables