The Agent Skills Directory

[SAFE]: Extensive review of the skill's instructional content and source code confirms the absence of malicious intent, prompt injections, or hidden logic.\n- [EXTERNAL_DOWNLOADS]: The skill makes legitimate requests to the official Microsoft Clarity Data Export API (https://www.clarity.ms). This interaction is conducted securely over HTTPS and is necessary for the skill's primary function of data retrieval from a well-known service.\n- [CREDENTIALS_UNSAFE]: The skill demonstrates safe credential handling. It requires a Microsoft Clarity API token but correctly avoids hardcoding it, instead relying on standard environment variable loaders and documenting the use of .env files for local security.\n- [DATA_EXFILTRATION]: Network traffic is strictly limited to communication with the official service provider. There is no evidence of data being sent to unauthorized third-party domains. Local storage is limited to a performance cache for API responses.\n- [REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities were found. The skill processes data as structured JSON and does not utilize risky functions such as eval() or subprocess.run() on content derived from the API or user input.

microsoft-clarity