The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py uses the subprocess.run function to execute OPA CLI commands such as eval, test, and check. These calls are implemented using list-based arguments which prevents shell injection vulnerabilities.
[COMMAND_EXECUTION]: The script scripts/process.py executes the conftest and kubectl utilities via subprocess.run to evaluate local manifests and query cluster audit violations. These operations use safe list-based command construction.
[EXTERNAL_DOWNLOADS]: The skill provides instructions to download the conftest binary from the official Open Policy Agent GitHub repository and the opa binary from the project's official website. These are trusted sources for these tools.
[EXTERNAL_DOWNLOADS]: Documentation in references/api-reference.md includes standard package installation commands for the requests and pyyaml Python libraries from public registries.

implementing-policy-as-code-with-open-policy-agent