bilibili-cli
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust Bilibili interaction layer with a focus on token efficiency for AI agents by defaulting to YAML output. All primary functions relate to its stated purpose of browsing and interacting with Bilibili content.
- [COMMAND_EXECUTION]: In `bili_cli/auth.py`, the tool uses `subprocess.run` to execute a hardcoded Python script that extracts browser cookies. This is done to isolate the `browser-cookie3` dependency and prevent session locks from affecting the main process. The script logic is entirely static and does not ingest untrusted input for execution.
- [EXTERNAL_DOWNLOADS]: The skill fetches video metadata, subtitles, and AI summaries from official Bilibili domains (`bilibili.com`, `api.bilibili.com`). These network operations are standard for the tool's functionality.
- [CREDENTIALS_SAFE]: Authentication tokens are stored locally in `~/.bilibili-cli/credential.json`. The application explicitly sets file permissions to `0600` (owner-only access) when saving this file, which is a security best practice for managing sensitive session data.
Audit Metadata