vscode-extension-uiux
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and template library for extension developers, promoting secure development practices.
- [SAFE]: Includes a dedicated security guide (references/security.md) that provides correct implementations for preventing Cross-Site Scripting (XSS), Command Injection, and Path Traversal.
- [SAFE]: Properly instructs developers on handling sensitive data using the VS Code SecretStorage API rather than insecure configuration files or environment variables.
- [SAFE]: Webview templates include robust security measures such as unique nonces for scripts and strict Content Security Policies (CSP) to restrict resource loading.
Audit Metadata