The Agent Skills Directory

[SAFE]: The skill is entirely instructional, providing secure coding patterns and checklists for common web development and blockchain tasks.\n- [EXTERNAL_DOWNLOADS]: The skill references several well-known and trusted Node.js libraries in its examples, including 'zod' for validation, 'isomorphic-dompurify' for XSS protection, 'express-rate-limit' for rate limiting, and '@solana/web3.js' for blockchain interactions. These are industry-standard tools and do not pose a risk in the context provided.\n- [CREDENTIALS_UNSAFE]: The skill explicitly demonstrates the dangers of hardcoded credentials and provides placeholders (e.g., 'sk-proj-xxxxx', 'password123') for illustrative purposes only, alongside correct practices using environment variables.

security-review