scanning-container-security

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's configuration and instructions follow standard operational procedures for security audits without attempting to bypass safety filters or override agent behavior.
  • [SAFE]: The scripts 'scripts/snyk_scan.sh' and 'scripts/trivy_scan.sh' are Python-based templates that perform local file metadata inspection (counting JSON keys or file sizes). They do not contain any network operations, shell command execution, or data exfiltration logic.
  • [SAFE]: No obfuscated content, hardcoded credentials, or persistence mechanisms were found across the analyzed files.
  • [SAFE]: The 'allowed-tools' section in the frontmatter correctly uses a restricted scope for bash execution, limiting the agent's interaction to docker and kubectl contexts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 11:28 PM