The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of the stet CLI tool and standard development utilities including git, docker, gh, npm, pnpm, and uv. This execution is central to its purpose as a CI/evaluation orchestrator and is consistent with managing repository workflows.
[EXTERNAL_DOWNLOADS]: Instructions are provided for adding the skill via npx skills add and updating the tool using stet update. These operations target the author's official GitHub repository (github.com/benredmond/stet-dist), which is classified as a vendor-owned resource.
[CREDENTIALS_UNSAFE]: The skill manages sensitive credentials, such as CLAUDE_CODE_OAUTH_TOKEN and CODEX_LB_API_KEY. It explicitly instructs the agent to store these in ~/.config/stet/claude-oauth-token with 0600 (user-only) permissions and to avoid exporting them in global shell profiles or repository-local environment files, aligning with secure configuration practices.
[PROMPT_INJECTION]: Static detectors flagged potential concealment patterns (e.g., instructions to prioritize JSON automation over human-facing terminal mirrors). Analysis confirms these are benign technical instructions designed to ensure data integrity and reliable parsing for the agent, rather than attempts to hide malicious behavior from the human operator.

stet