The Agent Skills Directory

[COMMAND_EXECUTION]: The skill requests access to the Bash tool to run administrative Python scripts provided in the scripts/ directory. These scripts automate tasks such as scaffolding new skills from templates (scaffold.py), validating skill directories against standard specifications (validate_skill.py), and auditing directory structures (audit_skill_system.py). All scripts are implemented using the Python standard library and contain explicit error handling as documented in the skill's authoring principles.
[DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration was found. The bundling logic in bundle.py and scripts/lib/bundling.py is designed to collect and package local skill files into a ZIP archive for deployment. These scripts implement strict boundary checks using is_within_directory to ensure that file operations are confined to the user-provided system root and do not access unauthorized system locations.
[SAFE]: The skill demonstrates high security awareness by implementing localized processing. It includes a custom, lightweight YAML parser (yaml_parser.py) to avoid external dependencies and provides detailed documentation on security-sensitive platform features like dynamic context injection for educational purposes. All external URL references point to trusted documentation sites or well-known development resources.

skill-system-foundry