opencode-agent-creator

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of Markdown documentation, templates, and workflows. All previously included Python scripts were removed in version 3.0.0 to adhere to a documentation-only philosophy, significantly reducing the attack surface.
  • [SAFE]: The skill provides detailed guidance on 'Permission Patterns,' instructing users and the AI to implement strict controls over high-risk tools like bash, write, and edit. It includes explicit 'deny' rules for destructive commands such as rm -rf, DROP DATABASE, and mkfs within its templates (e.g., db-admin.md, devops-agent.md).
  • [SAFE]: The skill implements a 'Context First' core principle across all agent templates, requiring agents to identify missing information and confirm requirements before taking action, which mitigates risks associated with acting on incomplete or ambiguous user input.
  • [SAFE]: The 'Security Risk Levels' guide helps categorize agents by their potential impact, recommending that most agents remain in the 'Safe' (read-only) tier unless a higher risk level is explicitly justified and controlled.
  • [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or hardcoded credentials was found. External references target well-known platforms (GitHub) and the official documentation of the target platform (opencode.ai).
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 08:18 AM