The Agent Skills Directory

[SAFE]: The skill performs legitimate website audits using a series of specialized Python scripts. All network operations are directed towards the user-provided URL for analysis purposes.
[EXTERNAL_DOWNLOADS]: The skill documentation suggests installing standard, well-known Python libraries (requests, beautifulsoup4, lxml) from official registries. These are appropriate for the skill's purpose of web scraping and parsing.
[COMMAND_EXECUTION]: The skill uses the Bash tool to execute its own local Python scripts located within the skill directory. These scripts perform static analysis on fetched HTML and metadata. There is no evidence of arbitrary command execution or shell injection vulnerabilities.
[DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill analyzes public website data and saves findings to a local geo-fixes/ directory. It does not access sensitive system files or environment variables.
[PROMPT_INJECTION]: The skill instructions are focused on orchestration and reporting. There are no attempts to bypass LLM safety guidelines or override system prompts.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. All execution logic is contained within the distributed scripts folder.

geo-audit