The Agent Skills Directory

[COMMAND_EXECUTION]: The skill workflow describes the use of standard system utilities such as git and grep to resolve file scope and perform pattern-based scanning of the codebase. These operations are restricted to the intended purpose of performing a security audit and do not involve untrusted input execution.
[DATA_EXPOSURE]: The skill accesses local code files and framework reference documents (e.g., sans-cwe-top25.md) to perform its analysis. This is appropriate behavior for a static analysis tool.
[SAFE]: No remote network operations, hardcoded credentials, or persistence mechanisms were found. The skill follows best practices for a security dispatcher by grouping findings and providing cross-references to established frameworks like OWASP and STRIDE.

sans25