The Agent Skills Directory

[SAFE]: The skill provides legitimate instructions for initializing the CometChat Android SDK, handling user authentication, and sending messages. The provided code snippets follow standard Android development patterns.
[EXTERNAL_DOWNLOADS]: The skill instructs the user to add the official CometChat Maven repository (https://dl.cloudsmith.io/public/cometchat/cometchat/maven/) to the project configuration. This is a well-known and expected source for this vendor's artifacts.
[CREDENTIALS_UNSAFE]: The skill implements safe credential management by recommending that developers store appId, region, and authKey in the local.properties file (which is git-ignored by default) and access them through BuildConfig. It also explicitly warns against shipping sensitive development keys in production builds.
[COMMAND_EXECUTION]: While the skill requests the executeBash tool, it is contextually appropriate for an agent intended to assist with Gradle builds and Android project management. No suspicious or arbitrary command execution patterns were found in the instructions.

cometchat-android-v6-core