knowledge-catalog-discovery

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts use npx to dynamically download and execute the @toolbox-sdk/server package. This package is specifically versioned (1.1.0) and originates from a trusted organization for catalog integration.
  • [COMMAND_EXECUTION]: Each script uses the spawn method to invoke tool functions. The implementation includes logic to handle cross-platform differences and argument escaping to ensure commands are executed as intended.
  • [CREDENTIALS_UNSAFE]: The skill includes logic to load environment variables from a .env file located in the project structure. This follows security best practices by avoiding hardcoded secrets and instead relying on externalized configuration for authentication.
  • [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. Network activity is limited to downloading the necessary toolbox package and communicating with the catalog services as required by the skill's primary purpose.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 19, 2026, 08:07 AM
Security Audit — agent-trust-hub — knowledge-catalog-discovery