The Agent Skills Directory

[SAFE]: The skill implements a standard feedback submission workflow for the 'hence-sh' platform. It includes an authentication script (scripts/auth.py) that uses a secure OAuth 2.0 device flow to obtain tokens from https://hence.sh/api/auth/device. Alternatively, it supports manual API key entry for CI/CD environments. All network communication is directed to the vendor's official domain (hence.sh), which is consistent with the skill's stated purpose and authorship. The feedback submission script (scripts/feedback.py) correctly handles data validation and uses the stored credentials to POST feedback to the official API endpoint. No evidence of data exfiltration, prompt injection, or unauthorized command execution was found.

hence-feedback