NYC

creating-zola-static-sites

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The deployment guide for Vercel in references/deployment-guides.md uses curl to download a Zola binary from github.com/getzola/zola. While GitHub is a trusted platform and this is the official repository, the organization is not on the pre-approved whitelist, and executing remote binaries is a high-risk pattern.
  • REMOTE_CODE_EXECUTION (MEDIUM): The package.json example for Vercel execution combines a remote download (curl) with immediate extraction (tar) and execution (./zola build). This pattern is a documented method for Zola deployment but carries inherent risks if the source repository were compromised.
  • CREDENTIALS_UNSAFE (MEDIUM): The Firebase migration script in references/astro-integration.md explicitly references and requires a service-account.json file. While standard for Firebase Admin SDK usage, it encourages the storage of highly sensitive private keys within the project directory structure.
  • COMMAND_EXECUTION (SAFE): The skill provides numerous CLI instructions for zola and npm. These are consistent with the skill's primary purpose of static site generation and development.
  • DATA_EXPOSURE (LOW): The Tera templates in assets/templates/ frequently use the | safe filter for page.content and section.content. While necessary for rendering Markdown output, this creates a surface for Indirect Prompt Injection or XSS if the source content (e.g., imported from the Firebase export script) contains untrusted user data.
      • Ingestion points: Firestore data fetched via scripts/export.ts and external data loaded via load_data in templates.
      • Boundary markers: None present in the provided templates.
      • Capability inventory: File system write access via export.ts, remote data fetching via load_data, and shell execution via build scripts.
      • Sanitization: Tera auto-escaping is explicitly disabled for main content blocks using the | safe filter.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:40 PM