The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (SAFE): The skill describes using build extensions to manage dependencies, including system packages (aptGet), Python libraries (requirementsFile), and Node.js CLI tools (additionalPackages). These are standard features of the Trigger.dev platform and follow best practices for infrastructure-as-code.
[COMMAND_EXECUTION] (LOW): The skill documentation includes examples of using the Bash tool and custom build layers that execute commands (e.g., chmod +x). This is within the scope of configuring a background task environment.
[REMOTE_CODE_EXECUTION] (LOW): The pythonExtension allows for running Python scripts and inline Python code within the Node.js environment. While this is dynamic execution, it is a primary feature of the platform for multi-language task support.
[DATA_EXFILTRATION] (SAFE): There are no patterns suggesting unauthorized data exfiltration. The automated scanner alert for logger.info as a malicious URL is a false positive; logger.info() is a standard logging function and the .info segment was likely misidentified as a Top-Level Domain (TLD) by the scanner.
[PROMPT_INJECTION] (SAFE): No patterns of prompt injection, instruction overrides, or adversarial role-play were found.
[CREDENTIALS_UNSAFE] (SAFE): The skill correctly recommends using environment variable synchronization (syncEnvVars) for managing secrets rather than hardcoding them.

trigger-dev-tasks