The Agent Skills Directory

[SAFE]: The skill's primary purpose is to enhance project security by automating the deployment of secret scanning and vulnerability auditing tools.
[COMMAND_EXECUTION]: The skill generates templates for GitHub Actions and pre-commit hooks that execute standard security utilities (e.g., gitleaks, npm audit, pip-audit, dotnet list package). These commands are intended for use in controlled CI/CD environments or local development workflows.
[EXTERNAL_DOWNLOADS]: The generated configuration files reference well-known and widely used external resources, such as official GitHub Actions (actions/checkout, actions/setup-node) and the Gitleaks security scanner. These references are standard for the described security setup and originate from established sources.
[DATA_EXFILTRATION]: No patterns of unauthorized data collection or external exfiltration were detected. The skill specifically includes steps to update .gitignore to prevent the accidental commitment of sensitive files like .env and private keys, demonstrating a defensive posture.
[PROMPT_INJECTION]: The instructions do not contain any patterns attempting to override agent behavior, bypass safety constraints, or extract system prompts. The inclusion of instructions for context isolation using subagents aligns with security best practices.

ln-760-security-setup