The Agent Skills Directory

[SAFE]: The skill is a legitimate developer productivity tool with clear, well-documented functionality and a strong focus on security best practices.
[COMMAND_EXECUTION]: The skill invokes cargo and git for project initialization, building, and repository tracking within the user's local workspace. These actions are restricted to the expected toolchain usage and are necessary for the skill's functionality.
[EXTERNAL_DOWNLOADS]: The skill references dependencies and configuration from official package registries (crates.io, npm) and the vendor's own GitHub organization. These are standard developer resources and do not represent a security risk.
[REMOTE_CODE_EXECUTION]: A critical security control is implemented in the skill's manifest by explicitly denying writes to build.rs files. This prevents the possibility of a malicious instruction scaffolding a script that executes arbitrary code during the Rust compilation process.
[DATA_EXFILTRATION]: Instructions and reference materials within the skill emphasize safe credential management by explicitly discouraging hardcoded secrets and promoting the use of environment variables for authentication.

aomi-build