docs-sync-checker

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a documentation synchronization workflow that runs exclusively on the local filesystem. The core logic is contained in Python scripts (scan_tools.py, parse_docs.py, generate_report.py) that use standard library modules like argparse, json, pathlib, and re. No network operations or external downloads are performed.
  • [SAFE]: Tool discovery and metadata extraction are performed by scanning directories for SKILL.md and agent files and parsing their YAML frontmatter using deterministic regular expressions. The skill does not use unsafe deserialization or dynamic code execution on the scanned content.
  • [SAFE]: The documentation parsing logic in scripts/parse_docs.py extracts information from markdown tables and lists. While this involves processing potentially untrusted data from the repository, the scripts handle this data as structured text rather than executable instructions, which mitigates indirect prompt injection risks.
  • [SAFE]: Static analysis flagged a dynamic import in scripts/parse_docs.py, but this was found to be a benign use of __import__('datetime') for timestamping purposes.
  • [SAFE]: The skill respects the principle of least privilege, requiring only the tools necessary for local file manipulation (Read, Write, Bash, Edit). No attempts at privilege escalation or persistence were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:34 PM