stitch-sdk-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected across the evaluated threat categories. All described actions are consistent with the skill's stated purpose of SDK development and maintenance.
- [COMMAND_EXECUTION]: Orchestrates the build process through local npm scripts such as npm run capture, npm run generate, and npm run build. These commands are standard for project automation and do not involve unauthorized privilege escalation.
- [EXTERNAL_DOWNLOADS]: Mentions the use of package managers (npm, bun) and references the @google/stitch-sdk/ai library. These resources are consistent with the developer's identity and standard development workflows.
- [CREDENTIALS_UNSAFE]: Correctly identifies the need for environment variables (STITCH_API_KEY, GEMINI_API_KEY) for E2E testing without hardcoding any secrets or sensitive credentials in the skill file itself.
Audit Metadata