matrix-mate-offline

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed to operate locally. By default, it communicates with a local service at 127.0.0.1:3000. The code includes built-in security documentation (SECURITY.md) and follows best practices for input sanitization.
  • [EXTERNAL_DOWNLOADS]: The skill uses standard, well-known libraries (@modelcontextprotocol/sdk and zod) for its runtime environment. These dependencies are installed via standard package managers during setup.
  • [COMMAND_EXECUTION]: The runtime environment is initiated using Node.js as specified in the MCP configuration. There are no instances of arbitrary shell command execution or unsafe subprocess spawning within the logic scripts.
  • [DATA_EXFILTRATION]: No network exfiltration to unknown or untrusted domains was found. All network operations are strictly mapped to the local Matrix Mate app surface.
  • [PROMPT_INJECTION]: The skill contains defensive instructions that explicitly tell the agent to treat external content and tool outputs as data rather than instructions, mitigating potential indirect prompt injection risks from flight search results.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 09:38 PM