skills/zpankz/mcp-skillset/code/Gen Agent Trust Hub

code

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The scripts/install-hooks.sh script performs basic file system operations (creating directories and copying local files) to install governance rules into the user's home directory (~/.claude). This is the intended behavior for the skill's installation process and does not involve elevated privileges or remote command execution.
  • [EXTERNAL_DOWNLOADS] (SAFE): The templates/ci.yml file references standard GitHub Actions from the official actions/ repository and utilizes well-known package managers (npm, pip) to install common development tools (ruff, mypy, madge). These operations are typical for CI/CD pipelines and target trusted sources.
  • [PROMPT_INJECTION] (SAFE): No malicious instruction overrides or bypasses were found. The skill uses 'hooks' (Markdown files with YAML metadata) to provide instructional guidance to the agent when specific file patterns are detected, which is the primary and transparent purpose of the skill.
  • [DATA_EXFILTRATION] (SAFE): There is no evidence of hardcoded credentials, unauthorized access to sensitive files, or exfiltration of data to external domains. The database credentials in the CI template are for a local, ephemeral test environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:28 PM