skills/pproenca/dot-skills/dev-rfc/Gen Agent Trust Hub

dev-rfc

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/generate_review.py script executes the system utilities lsof and fuser via subprocess.run to identify and clear any existing processes using the local port (3118) before starting the server. These calls use argument arrays rather than shell strings, mitigating shell injection risks.
  • [EXTERNAL_DOWNLOADS]: The review UI template (assets/review_template.html) fetches styling and JavaScript libraries (Mermaid.js, Marked.js) from well-known services including fonts.googleapis.com and cdn.jsdelivr.net.
  • [DATA_EXPOSURE]: The skill starts a local HTTP server that binds exclusively to 127.0.0.1 (localhost). The server includes validation logic to prevent path traversal when serving assets, ensuring it only accesses the specific document being reviewed and the assets/ directory.
  • [PROMPT_INJECTION]: The skill establishes a feedback loop where the agent reads user comments from a local .rfc-review/feedback.json file to perform document revisions. While this is an indirect ingestion point for user-controlled data, it is the primary intended collaborative function of the skill.
  • [SAFE]: No obfuscation, persistence mechanisms, or unauthorized privilege escalation attempts were detected in the skill code or instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 09:26 PM