The Agent Skills Directory

[SAFE]: The skill is designed for legitimate software composition analysis, specifically for AI/ML components. It uses official Snyk tooling to perform its tasks.
[COMMAND_EXECUTION]: The skill utilizes Bash and Grep tools to perform local environment checks, such as verifying the presence of Python project files (requirements.txt, pyproject.toml). These operations are restricted to file discovery and do not involve suspicious command sequences.
[EXTERNAL_DOWNLOADS]: The skill requires an internet connection to perform AIBOM analysis via Snyk's services. This is a documented requirement for the tool's core functionality and involves communication with a well-known security vendor.
[PROMPT_INJECTION]: While the skill processes external data (project dependency files), it implements a validation phase (Step 2.2) to ensure the tool output is valid JSON before the agent analyzes or summarizes it, reducing the risk of processing malformed or malicious data structures.

ai-inventory