socket-sca
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: Automated tools flagged 'curl | bash' patterns. Technical review confirms these are used exclusively as illustrative examples of malicious 'unsafe' code in the documentation and example output sections. They are not intended for execution by the agent.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing the '@socketsecurity/cli' package from npm. This is the official tool from Socket.dev, a well-known security provider, and is necessary for the skill's functionality.
- [SAFE]: The skill provides a robust framework for identifying supply chain risks, including manual fallback checks for common attack vectors like typosquatting and malicious install hooks. It serves a purely defensive and educational purpose.
Audit Metadata