Bun Hono Integration

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH | CREDENTIALS_UNSAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill contains hardcoded credentials within its code examples.
    • Evidence: SKILL.md contains password: "secret" and token: "my-token" within the 'Built-in Middleware' section. These specific strings, while intended as examples, trigger high-severity credential safety violations.
  • [COMMAND_EXECUTION] (LOW): The skill utilizes standard command-line tools for environment setup and execution.
    • Evidence: Examples include bun create, bun install, and bun run dev.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the agent to download dependencies using a trusted package manager.
    • Evidence: bun install is used to fetch the Hono framework and its associated validators.
  • [Indirect Prompt Injection] (LOW): The skill exposes surfaces that ingest untrusted data from external sources.
    1. Ingestion points: c.req.param("id"), c.req.query(), and c.req.json() in SKILL.md.
    2. Boundary markers: Absent in routing and request handling sections.
    3. Capability inventory: Local server hosting and request processing capabilities.
    4. Sanitization: The skill demonstrates proper use of Zod schema validation (zValidator) to sanitize inputs in specific sections.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:04 PM