1password-secret-references

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a set of security guidelines and behavioral rules designed to protect sensitive information during local development.
  • [EXTERNAL_DOWNLOADS]: References the official Gitleaks repository on GitHub (github.com/gitleaks/gitleaks) to implement pre-commit secret scanning. This is a well-known security tool used for defensive purposes.
  • [COMMAND_EXECUTION]: Includes instructions for using the op run command to inject secrets into subprocesses. This technique is specifically used to prevent secrets from appearing in the parent shell environment or agent context.
  • [DATA_EXFILTRATION]: Explicitly prohibits commands that would surface plaintext secrets (e.g., op read, echo $SECRET) and provides a recovery protocol in case of accidental exposure.
  • [PROMPT_INJECTION]: No malicious override or bypass patterns were detected. The skill contains restrictive instructions ("Banned operations") that strengthen the agent's security posture.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 27, 2026, 01:50 PM