repo-sentinel

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs security audits on repositories using standard tools and patterns. All external tools and actions referenced come from well-known and reputable sources in the security community.
  • [COMMAND_EXECUTION]: The skill uses various CLI tools like git, gh, trufflehog, and gitleaks to perform scans. These are used according to their intended security-auditing purpose to inspect the repository environment.
  • [EXTERNAL_DOWNLOADS]: Templates suggest using official GitHub Actions and downloading known security tools such as gitleaks from its official GitHub releases. These sources are well-known technology providers and the references are documented neutrally.
  • [DATA_EXFILTRATION]: No patterns of unauthorized data exfiltration were found. The skill identifies sensitive data and reports it to the user or within the project's own CI/CD environment for the purpose of preventing accidental exposure.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The instructions are focused on establishing security policies, excluding sensitive project metadata (like .claude/ directories), and enforcing audit rules.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 06:25 AM