The Agent Skills Directory

[SAFE]: The skill correctly handles sensitive information by requiring credentials like SYNOLOGY_USERNAME and SYNOLOGY_PASSWORD to be provided via environment variables rather than being hardcoded.
[SAFE]: No external dependencies are required; the implementation relies entirely on Python standard libraries such as urllib.request and ssl.
[DATA_EXFILTRATION]: The script facilitates file uploads and downloads between the local system and a remote Synology NAS. This behavior is the primary intended function of the skill and is directed only to the user-configured endpoint.
[SAFE]: The skill provides an optional setting to disable SSL verification (SYNOLOGY_VERIFY_SSL=false). While this could theoretically allow for man-in-the-middle attacks, it is a standard feature for supporting local NAS environments with self-signed certificates and is controlled by the user's environment configuration.
[COMMAND_EXECUTION]: The script provides capabilities to create, delete, and move files on a remote system. These operations are performed via structured WebAPI calls to the Synology DSM and are limited to the permissions of the provided user account.

synology-file-station