The Agent Skills Directory

[SAFE]: All network operations target official Google API endpoints (e.g., forms.googleapis.com, drive.googleapis.com, spreadsheets.googleapis.com), which are recognized as trusted services under the analysis guidelines.
[SAFE]: The skill implements a standard OAuth 2.0 loopback authentication flow using the official googleapis Node.js library. It requires users to provide their own API credentials via a .env file, which is a documented and standard practice for local development tools.
[SAFE]: No evidence of obfuscation was found. A thorough scan for Base64-encoded strings, zero-width characters, homoglyphs, and other encoding tricks yielded no malicious results.
[SAFE]: Command execution is restricted to internal utility scripts provided with the skill for legitimate purposes such as authentication, API calls, and local result logging. No remote code execution patterns, such as curl | bash, were identified.
[SAFE]: The skill's instructions and agent personas (e.g., Don Norman, Linus Torvalds) are focused on the primary task of form generation and do not contain any prompt injection attempts or instructions to bypass safety guidelines.

google-forms-generator