The Agent Skills Directory

[SAFE]: No malicious patterns or security vulnerabilities were identified in the skill logic or instructions. The skill follows best practices for build automation within a trusted repository context.- [EXTERNAL_DOWNLOADS]: The skill uses npm ci to download project dependencies from the official npm registry if the local node_modules folder is missing. This is a standard and expected operation for a build-related skill.- [COMMAND_EXECUTION]: The build-frontend.cs script utilizes System.Diagnostics.Process to execute npm commands. The arguments (ci, run build) are hardcoded, preventing any potential command injection from user-controlled inputs.- [DATA_INGESTION_SURFACE]: The script captures stdout and stderr from the npm subprocess to provide feedback to the agent for error reporting.
Ingestion points: Output is captured via OutputDataReceived and ErrorDataReceived events in build-frontend.cs and printed to the console.
Boundary markers: Output is printed directly to the console without specific delimiters.
Capability inventory: The skill is authorized to execute C# scripts and shell commands (npm) to perform its primary build and validation function.
Sanitization: No sanitization is applied to the subprocess output before it is displayed, which is standard for build tool diagnostics.

build-frontend