The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill utilizes standard package management commands (npm ci, npx) to install well-known development tools and the official Anima SDK from the public NPM registry.
Evidence: References to @animaapp/anima-sdk, tsx, and eslint in SKILL.md.
[COMMAND_EXECUTION]: The GitHub Actions workflow contains standard shell commands for repository management and automated PR creation.
Evidence: Use of git commands and the gh CLI for synchronizing generated UI components.
[DATA_EXPOSURE]: Authentication tokens for external services (Anima, Figma) and GitHub are handled correctly using GitHub Secrets, preventing credential leakage in logs or code.
Evidence: Mapping of environment variables to ${{ secrets.* }} in the .github/workflows/design-sync.yml configuration.
[SAFE]: The skill's functionality is consistent with its documentation. No malicious patterns, obfuscation, or suspicious network activities were identified during the analysis.

anima-ci-integration