apple-dash-docsets

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the macOS open utility to interact with the Dash application using documented URL schemes such as dash:// for searches and dash-install:// for installations. This is a standard and safe integration pattern for the macOS environment.
  • [EXTERNAL_DOWNLOADS]: The scripts/dash_catalog_refresh.py script allows for updating local docset catalogs by fetching JSON data from the official Dash (Kapeli) repositories on GitHub. These downloads are restricted to metadata used for catalog matching and do not involve executable code.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. Subprocess calls in scripts/run_workflow.py are strictly limited to executing the skill's own helper scripts located within the same directory using the local Python interpreter.
  • [DATA_EXFILTRATION]: The skill reads the Dash application's local API status file (status.json) to discover the port for its local HTTP server. This access is limited to the necessary configuration for the skill's primary search functionality and does not target sensitive user data or credentials.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 28, 2026, 06:59 PM