The Agent Skills Directory

[NO_CODE] (SAFE): Technical analysis of the provided files (SKILL.md and references/) confirms that the skill contains no executable logic or scripts. It serves entirely as a knowledge base and architecture decision framework for the agent to reference during planning sessions.- [EXTERNAL_DOWNLOADS] (LOW): In the modern-extensions.md reference file, the skill provides implementation examples for Java that include 'log4j:1.2.17'. This specific version is end-of-life and contains known remote code execution vulnerabilities (e.g., CVE-2019-17571). While this is a documentation-only finding, it promotes insecure development practices.- [CREDENTIALS_UNSAFE] (SAFE): The setup-and-tools.md file contains example configuration blocks for environment variables. All sensitive fields such as 'API_KEY' and 'OAUTH_CLIENT_SECRET' use descriptive placeholders (e.g., 'your-api-key-here') and no real credentials or secrets are exposed.

fifteen-factor-app