The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified. The skill is instructional and focuses on teaching the agent how to perform security audits on other extensions.
[COMMAND_EXECUTION]: The skill utilizes common system utilities like git, curl, and ls to retrieve skill metadata and source code for inspection. These commands are used to facilitate security analysis within temporary working directories.
[EXTERNAL_DOWNLOADS]: Facilitates the discovery and installation of third-party extensions from platforms like skills.sh and SkillHub. It includes rigorous pre-installation auditing instructions to mitigate the risk of downloading malicious code.
[DATA_EXFILTRATION]: Provides explicit guidance on how to detect and reject skills that attempt to exfiltrate sensitive data such as API keys or environment variables.

skill-evaluator