plugin-best-practices

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of documentation and best-practice guidelines for software development. No malicious instructions, obfuscation, or unauthorized data access patterns were identified.
  • [DATA_EXFILTRATION]: The skill promotes secure data handling by explicitly advising against hardcoding credentials and recommending environment variables for secret management. It also provides examples of path validation to prevent access to sensitive files like .env or SSH keys.
  • [REMOTE_CODE_EXECUTION]: No remote code execution or suspicious download patterns were found. References to package managers (e.g., npm install) are provided as standard installation instructions for third-party Language Server Protocol (LSP) binaries.
  • [COMMAND_EXECUTION]: The documentation mentions a validation script (validate-plugin.py) for checking plugin structure, but this is a local utility reference and no unauthorized or dangerous command execution logic is present within the skill files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 09:59 AM