skills/ninehills/skills/brainstorming/Gen Agent Trust Hub

brainstorming

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell scripts (start-server.sh, stop-server.sh) and Node.js to manage a local web and WebSocket server. This server is a functional component of the 'Visual Companion' feature, which facilitates visual design reviews. The scripts are properly scoped to the skill's execution environment.
  • [DATA_EXFILTRATION]: While the skill involves a network-capable server, it defaults to binding on the loopback interface (127.0.0.1). The server code specifically uses path.basename when resolving requested files to prevent directory traversal (LFI). No sensitive files (e.g., credentials, SSH keys) are accessed or transmitted externally.
  • [SAFE]: The skill's instructions emphasize user-in-the-loop validation and approval gates before any implementation actions are taken. The custom server implementation for the visual companion is written using Node.js built-ins to avoid third-party supply chain risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 12:00 AM