The Agent Skills Directory

[SAFE]: The skill implements standard Software Configuration Management (SCM) and Conventional Commits workflows without any malicious patterns or bypass attempts.
[COMMAND_EXECUTION]: Employs standard local CLI tools for Git operations and repository analysis.
Evidence: Uses git status, git diff, git log, and git commit in SKILL.md to automate staging and commits.
Evidence: resources/onboarding-risk-signals.md uses git log, sort, uniq, and rg to calculate maintenance metrics like churn and development velocity.
[CREDENTIALS_UNSAFE]: Includes built-in mechanisms to prevent the accidental exposure of credentials.
Evidence: config/commit-config.yaml contains a forbidden_patterns list targeting sensitive files such as *.env, *.key, and credentials.json.
Evidence: SKILL.md contains explicit instructions to never stage secrets and to only stage files via explicit paths.
[DATA_EXFILTRATION]: No network exfiltration or unauthorized data access patterns were identified. Analysis is restricted to local Git metadata and project configuration files.

oma-scm