The Agent Skills Directory

[SAFE]: The skill serves a legitimate security purpose, providing a structured approach for auditing browser extensions for vulnerabilities, compliance, and best practices.
[COMMAND_EXECUTION]: Uses common diagnostic shell commands such as grep, jq, and npm audit. These are used appropriately for static analysis of code patterns and manifest configurations.
[SAFE]: While the skill analyzes external data (extension source code), it does so using standard tools that do not facilitate arbitrary code execution from the content being scanned. The risk of indirect prompt injection is inherent to text analysis but is mitigated by the specific, task-oriented nature of the audit commands.

extension-analyze