cso
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `Bash` to perform security checks such as git history analysis for leaked secrets and executing standard audit tools like `npm audit` or `cargo audit`.
- [DATA_EXFILTRATION]: In its 'Secrets Archaeology' phase, the skill searches for and reads sensitive files (e.g., `.env`, private keys) to identify vulnerabilities. Audit results are saved to a local directory for user review.
- [EXTERNAL_DOWNLOADS]: The skill uses `curl` to transmit anonymous usage telemetry to a backend service. This behavior is subject to a user consent prompt on first run and is driven by local configuration.
- [PROMPT_INJECTION]: Phase 8 (Skill Supply Chain) instructs the agent to search for prompt injection patterns in other files. These patterns are for detection purposes and are not malicious instructions within the skill itself.
Audit Metadata