markdown-novel-viewer

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes child_process.execSync to open the system's default web browser and child_process.spawn to manage server instances in the background. The file paths passed to these commands are sanitized via encodeURIComponent to prevent shell command injection.
  • [EXTERNAL_DOWNLOADS]: The project depends on standard and well-known npm packages (marked, highlight.js, gray-matter) for markdown processing. Additionally, the viewer template fetches CSS stylesheets for syntax highlighting from Cloudflare's public CDN, which is a common and trusted service.
  • [SAFE]: The server implements a security utility (isPathSafe) that validates all file access requests against a list of allowed directories, effectively preventing directory traversal attacks. Access is restricted to the application's assets, the current working directory, and the specific directory being viewed.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 02:04 PM