The Agent Skills Directory

[SAFE]: The skill uses the allowed-tools frontmatter field to strictly limit the agent's capabilities to the openstatus command. This follow the principle of least privilege and prevents the execution of unauthorized or malicious shell commands.
[SAFE]: No hardcoded credentials or secrets were detected. The documentation correctly instructs users on using environment variables (OPENSTATUS_API_TOKEN) or local configuration files (~/.config/openstatus/token) for authentication, which is a standard and secure practice for CLI tools.
[SAFE]: The Terraform generation workflow includes a security-conscious design where sensitive values are replaced with placeholders ("REPLACE_ME") and marked with TODO comments for the user to fill manually, preventing accidental exposure of secrets in infrastructure-as-code files.
[SAFE]: The skill identifies a surface for potential indirect prompt injection as it ingests user-provided data like monitor URLs, incident titles, and messages. However, given the restricted scope of the tool and the functional requirements of a monitoring service, the risk is negligible.
Ingestion points: Monitor configurations in openstatus.yaml and command-line arguments for incident reports and maintenance windows (SKILL.md).
Boundary markers: None explicitly defined in the prompt instructions.
Capability inventory: Execution is restricted to Bash(openstatus *) (SKILL.md).
Sanitization: No internal sanitization logic is provided in the skill instructions; it relies on the underlying CLI's handling of inputs.

openstatus-cli