security-review
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely documentation-based, providing checklists and examples for security best practices. No executable scripts or malicious automation patterns were detected.
- [CREDENTIALS_UNSAFE]: SKILL.md contains placeholder secrets (e.g., 'sk-proj-xxxxx', 'password123') used exclusively as examples of insecure practices to avoid. These are not real credentials.
- [EXTERNAL_DOWNLOADS]: The guidelines mention reputable security libraries and SDKs such as zod, isomorphic-dompurify, and the AWS SDK. These are standard industry tools and are referenced correctly within the context of security recommendations.
- [COMMAND_EXECUTION]: The documentation includes common administrative commands for tools like npm and the AWS CLI (e.g., 'npm audit', 'aws iam'). These are provided for instructional purposes in security maintenance and do not indicate malicious intent.
Audit Metadata