auth0-swift-major-migration
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches release information and core SDK source files directly from the official Auth0 GitHub repository. These downloads are used to provide the agent with accurate method signatures and release tags for the migration process. As these resources originate from a well-known service and the official vendor repository, they are considered safe.
- [COMMAND_EXECUTION]: The migration involves executing standard system and development tools, including git for status checks, xcodebuild for project verification and builds, and various package managers like CocoaPods, Swift Package Manager, and Carthage. These commands are essential for the skill's purpose and are used in a controlled manner.
- [REMOTE_CODE_EXECUTION]: Automated scans flagged curl output piped to python3; however, these instances are used to parse JSON data from the GitHub API using static Python logic defined within the skill itself. The skill does not execute remotely fetched code, but rather processes data from a trusted vendor repository.
- [PROMPT_INJECTION]: The skill processes project source code to identify API call sites.
  1. Ingestion points: Reads all Swift files importing Auth0.
  2. Boundary markers: Absent; source code is read directly into context.
  3. Capability inventory: The agent can edit files and execute shell commands via build tools.
  4. Sanitization: No sanitization is performed on ingested code.

  While this creates a surface for indirect prompt injection, it is inherent to the migration task and mitigated by the agent's focus on specific API signatures. Additionally, the skill includes safety instructions to validate target versions and verify the project for hardcoded secrets after migration.
- [DATA_EXFILTRATION]: No network operations were found that exfiltrate project data. Communication is limited to retrieving metadata from the official repository of the SDK vendor (Auth0).
Audit Metadata