The Agent Skills Directory

[SAFE]: No security issues detected. The skill's primary function is local structural validation and maintenance of a specific project layout.
[COMMAND_EXECUTION]: The script scripts/audit_marketplace.py executes a single static shell command (git remote get-url origin) using the subprocess module. This is used neutrally to compare the marketplace name with the repository name. The command is passed as a list of arguments without shell=True, preventing command injection vulnerabilities.
[DATA_EXFILTRATION]: The skill reads project configuration files such as marketplace.json and CLAUDE.md. These operations are local and necessary for its documented purpose. There are no network requests or external data transfers identified.
[PROMPT_INJECTION]: The skill has an indirect ingestion surface as it parses plugin descriptions and frontmatter from markdown files. However, the logic is limited to structural auditing and the skill does not interpolate this data into executable strings or sensitive prompts in a way that would allow for indirect injection exploitation.

marketplace-audit