implementing-api-schema-validation-security
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references well-known security and development tools, such as Stoplight Spectral, Dredd, and Cloudflare API Shield, which are standard for API security workflows and are sourced from established tech providers.
- [COMMAND_EXECUTION]: The skill includes a Python-based auditing tool (scripts/agent.py) that analyzes local OpenAPI specification files. The script correctly uses yaml.safe_load() to ensure secure parsing of configuration files and avoid arbitrary code execution.
- [SAFE]: Examples for Cloudflare API integration use environment variable placeholders for authentication tokens, adhering to standard security best practices for credential management and secret handling.
- [SAFE]: The auditing script processes external data files using the jsonschema library for structured validation.
  1. Ingestion points: OpenAPI specifications and JSON payloads loaded from local files via CLI arguments.
  2. Boundary markers: Relies on standard file parsing and explicitly utilizes yaml.safe_load() for YAML content.
  3. Capability inventory: Limited to reading input files for analysis and writing audit findings to a local JSON report file.
  4. Sanitization: Implements structural validation and type checking via the jsonschema library to ensure inputs conform to expected security contracts.