The Agent Skills Directory

[SAFE]: No security vulnerabilities were detected. The skill demonstrates best-in-class security awareness and documentation.\n- [COMMAND_EXECUTION]: The skill uses a bundled Python script (briesearch.pyz) and standard git commands for storage path resolution and project identification. These operations are local, well-scoped, and follow standard Unix conventions (XDG Base Directory Specification).\n- [EXTERNAL_DOWNLOADS]: Interacts with reputable third-party services (Tavily, Context7) for research tasks. The skill includes mandatory guidelines in references/safety.md to prevent the inclusion of sensitive local context, such as code snippets or environment variables, in external queries.\n- [PROMPT_INJECTION]: The skill proactively addresses prompt injection through specific instructions in references/safety.md that mandate ignoring directives found within fetched external content. A static analysis flag regarding these instructions was identified as a false positive, as the content is protective rather than malicious.\n- [DATA_EXFILTRATION]: Robust safeguards are present to prevent data leakage. The skill forbids sending private repository information to external APIs and implements 'context isolation' to ensure that raw external data is stored on disk rather than flooding the conversation history.

briesearch