typescript-expert

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The script scripts/ts_diagnostic.py uses subprocess.run(shell=True) to execute system commands such as node, npx, and grep. While shell=True is generally discouraged, the commands in this script use hardcoded strings and do not interpolate unsanitized user input.
  • [EXTERNAL_DOWNLOADS] (LOW): The diagnostic script utilizes npx, which may download and execute packages from the npm registry if the required tools are not locally available.
  • [DATA_EXPOSURE] (SAFE): The script accesses package.json and tsconfig.json within the working directory. This is consistent with its stated purpose of project diagnostics and does not involve accessing sensitive system files.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:53 PM