turbosnap-debug-internal

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate internal support tool for debugging the TurboSnap feature of Chromatic. It follows best practices by providing a clear evidence ladder and diagnosis taxonomy to guide the agent's reasoning.
  • [COMMAND_EXECUTION]: The reference/command-catalog.md file defines several shell commands used for local project introspection. These include standard utilities such as git (for repository history and branch state), rg (ripgrep, for identifying configuration flags in local files), and npx (for running specific diagnostic tools). These operations are restricted to the context of the project being debugged and are necessary for the skill's stated purpose.
  • [EXTERNAL_DOWNLOADS]: The skill recommends using npx to execute the chromatic CLI and the @chromatic-com/turbosnap-helper package. These are official resources provided by the vendor (chromaui/chromatic). Per the trust-scope guidelines, execution of vendor-owned packages from established registries is considered safe and appropriate for this diagnostic use case.
  • [DATA_EXPOSURE_&_EXFILTRATION]: While the skill instructs the agent to read project configuration files (such as chromatic.config.json and .github/workflows), this is done solely to verify setup parameters. No evidence of credential harvesting, unauthorized file access to sensitive directories (e.g., .ssh or .aws), or exfiltration to non-vendor domains was detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 26, 2026, 04:39 PM