The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes Python's subprocess module and shell scripts to run legitimate development tools such as npm, pip, and git. These commands are scoped to auditing dependencies and managing project state, which is the primary purpose of the skill.\n- [EXTERNAL_DOWNLOADS]: The skill performs network operations to check for package updates from official registries (NPM, PyPI) and to fetch changelogs for breaking change analysis. These operations target well-known, trusted services in the software development ecosystem.\n- [REMOTE_CODE_EXECUTION]: The skill suggests using npx for running codemods and migration tools. This involves downloading and executing packages from the NPM registry, a standard practice for the intended migration workflows.\n- [PROMPT_INJECTION]: The skill processes external content such as dependency manifests and changelogs. While this presents an ingestion surface for potential indirect prompt injection, the risk is negligible as the data is used for structural analysis (versioning and keyword matching).\n- [DATA_EXFILTRATION]: No evidence of sensitive data exfiltration was detected. Network activity is limited to health checks, dependency auditing, and documentation retrieval from trusted sources.

framework-migration-deps-upgrade