skills/mukul975/anthropic-cybersecurity-skills/implementing-infrastructure-as-code-security-scanning/Gen Agent Trust Hub
implementing-infrastructure-as-code-security-scanning
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The Python scripts scripts/agent.py and scripts/process.py execute external security scanners (checkov and tfsec) using subprocess.run. These calls pass argument lists instead of raw shell strings, which effectively mitigates command injection risks.
- [EXTERNAL_DOWNLOADS]: The skill references installing the checkov utility via pip. The tools involved are legitimate, industry-standard software for cloud infrastructure security.
- [SAFE]: No malicious patterns such as credential theft, data exfiltration, or obfuscation were detected. The skill operates as described, providing automation for security compliance in DevOps workflows.