doc-maintenance

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The bundled scripts/doc_audit.py script uses subprocess.run to execute local git commands for project root detection and modification tracking. The implementation follows security best practices by using argument lists instead of shell strings, which prevents command injection.
  • [SAFE]: The skill processes project source code and documentation to identify staleness and missing content. This ingestion of external data is the core function of the skill. While it creates a surface for indirect prompt injection, no malicious patterns were observed. The subagent prompts are designed for specific analytical tasks, providing context that mitigates accidental instruction following.
  • [SAFE]: No unauthorized network operations, hardcoded credentials, or persistence mechanisms were found. The skill relies on bundled scripts and platform-native subagent orchestration without external dependencies.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 05:46 AM