jetty-setup
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_SAFE]: The skill implements strong security measures for handling API keys. It instructs the agent to use restricted file permissions (chmod 600 for tokens and chmod 700 for configuration directories) and specifically mandates piping sensitive data via stdin (e.g., using heredocs and temp files) to ensure tokens never appear in command-line arguments or process lists. It also actively migrates credentials from project-root files (CLAUDE.md) to a secure user-home directory (~/.config/jetty/).
- [DATA_PROTECTION]: All network operations are directed at the official vendor domains (flows-api.jetty.io and flows.jetty.io) which matches the skill author context (jettyio). There is no evidence of unauthorized data exfiltration or access to sensitive local files (like SSH or AWS keys).
- [PROMPT_INJECTION_DEFENSE]: The skill contains explicit defensive instructions in Step 6, directing the agent to treat all API response data as untrusted. It instructs the agent to render output as plain text and to specifically look for and ignore prompt injection attempts within that external data before displaying it to the user. The static analysis flag regarding 'ignore previous instructions' is a false positive, as that phrase is used solely within a security instruction to teach the agent how to detect such patterns in incoming data.
- [COMMAND_EXECUTION]: The shell commands used are standard administrative and networking tasks (mkdir, chmod, curl, cat, rm) intended for environment setup. No dangerous commands or privilege escalation attempts (like sudo) were detected.
- [DEPENDENCIES]: The skill does not install any external packages or download unverified remote scripts. It utilizes the agent's built-in tools (Bash, Read, Write, AskUserQuestion) to perform its functions locally.
Audit Metadata