fireworks-tech-graph

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute rsvg-convert and python. To mitigate risk, the instructions explicitly command the agent to quote file paths when invoking shell commands, which prevents command injection vulnerabilities that could otherwise occur through malicious file naming in the user-provided arguments.
  • [SAFE]: The skill instructions and reference files (specifically icons.md and the style guides) explicitly forbid the use of external @import statements or remote URLs for fonts and assets. This is a critical security control that prevents Server-Side Request Forgery (SSRF) and data exfiltration through the SVG conversion process.
  • [EXTERNAL_DOWNLOADS]: Although the allowed-tools configuration includes curl, the skill's actual workflow is entirely local, using provided reference files within the skill directory rather than fetching external content from the internet.
  • [DATA_EXFILTRATION]: The skill shows no patterns of reading sensitive system files (e.g., .ssh, .env) or exfiltrating data to external domains. File operations are restricted to reading style references and writing the resulting diagram artifacts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 18, 2026, 07:34 AM