The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill includes maintenance scripts (tools/sync-upstream/sync.py) that fetch source files from a specific GitHub repository to keep the mirror updated. Furthermore, the instructions in SKILL.md for the 'Core Asset Protocol' direct the agent to use curl to fetch brand logos and imagery from official corporate domains. These actions are core to the skill's utility in finding real-world design context.
[COMMAND_EXECUTION]: Several helper scripts (render-video.js, add-music.sh, export_deck_pdf.mjs) use subprocess calls to execute ffmpeg and Playwright. These tools are utilized for the legitimate purpose of rendering browser-based animations into MP4/GIF formats and converting HTML slides into vector PDFs.
[SAFE]: The skill demonstrates a security-conscious design by instructing the agent to store user-specific sensitive data in a local file (personal-asset-index.json) outside the skill's directory tree. It also uses pinned versions and subresource integrity (SRI) hashes for external React and Babel libraries loaded in its templates.

huashu-design