The Agent Skills Directory

[SAFE]: The skill operates entirely on local project documentation using transparent bash scripts. No malicious behavior, obfuscation, or security risks were identified during the analysis.
[COMMAND_EXECUTION]: The skill executes local bash scripts (scripts/bootstrap and scripts/validate-context) to automate documentation audits and installation tasks. These scripts utilize standard POSIX utilities such as grep, awk, sed, and find to process markdown files and do not perform any dangerous operations or interact with sensitive system files outside of the installation directory.
[EXTERNAL_DOWNLOADS]: No remote downloads or external dependency installations were detected. The bootstrap script only copies local files provided with the skill.
[DATA_EXFILTRATION]: The skill does not access sensitive user files (such as credentials or SSH keys) and has no network capabilities to transmit data externally.
[PROMPT_INJECTION]: The skill ingests project markdown files (such as AGENTS.md and README.md) to guide agent behavior during pre-task preparation. While this represents a potential surface for indirect prompt injection if an attacker can modify project documentation, this behavior is inherent to the skill's primary purpose and is considered safe within that context. The mandatory evidence chain for this surface includes: 1. Ingestion points: project root markdown files and documentation; 2. Boundary markers: absent; 3. Capability inventory: file-write operations and local script execution; 4. Sanitization: absent (standard for documentation tools).

evolve-context