vulnerability-scanner

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/security_scan.py utilizes subprocess.run to execute the npm audit command. This is a standard operation for security tooling to identify dependency vulnerabilities and is implemented using safe subprocess handling without shell=True.
  • [DATA_EXPOSURE]: The skill defines various regex patterns for identifying sensitive information like API keys and credentials. These are used strictly for local project analysis and do not involve unauthorized data access or exfiltration from the host environment.
  • [INDIRECT_PROMPT_INJECTION]: The scanner is designed to process external project files, which constitutes an attack surface for indirect injection. However, this is a known risk for any static analysis tool, and the script's output is structured (JSON) to facilitate safe processing by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 05:53 PM