The Agent Skills Directory

EXTERNAL_DOWNLOADS (SAFE): The assets/liff-starter.html file references the official LINE SDK (v2.22.3) from the trustworthy static.line-scdn.net CDN. This is the standard delivery method for the framework and poses no security risk in this context.
CREDENTIALS_UNSAFE (SAFE): No hardcoded API keys, secrets, or tokens were detected. The skill uses appropriate placeholders like YOUR_LIFF_ID and provides clear documentation on the secure server-side verification of user tokens using Channel Secrets.
DATA_EXFILTRATION (SAFE): The guidelines explicitly warn against leaking sensitive data like access_token and ID token to external logs, demonstrating a security-first design.
PROMPT_INJECTION (SAFE): The skill content is purely instructional and does not contain any directives intended to override agent system prompts or bypass safety filters.

line-liff