The Agent Skills Directory

[SAFE]: The skill uses dynamic context injection (the !find pattern) to gather information about project structure and existing configurations at load time, which is a legitimate use for environment discovery.- [SAFE]: Network operations via WebSearch and WebFetch are directed at trusted organizations and well-known services (e.g., GitHub releases, PyPI, and Crates.io) to retrieve tool versioning metadata.- [SAFE]: The skill automates the installation of recognized security tools such as gitleaks, pip-audit, and cargo-audit from official sources using standard package managers (go install, uv, cargo).- [SAFE]: The provided templates for GitHub Actions, Dependabot, and security policies adhere to security best practices and do not contain malicious instructions or exfiltration patterns.

configure-security