The Agent Skills Directory

[SAFE]: The skill's primary logic in main.cjs provides a defensive security gate using regex to scan for red flags in external content.
[SAFE]: No malicious obfuscation, remote code execution, or credential theft patterns were identified in the skill scripts or metadata.
[SAFE]: Local file access is restricted to reading trusted source configurations and appending to audit logs in the agent's runtime directory.
[SAFE]: Indirect prompt injection surface exists (Category 8) but is mitigated by design.
[SAFE]: Ingestion points: main.cjs accepts external content via CLI arguments or file paths.
[SAFE]: Boundary markers: The skill instructions mandate its use as a gate before incorporation of fetched data.
[SAFE]: Capability inventory: The skill utilizes fs for logging and defines Read, Write, Bash, Glob, and Grep tools.
[SAFE]: Sanitization: Employs specific regex patterns to detect and block malicious content before it influences agent behavior.

content-security-scan