skills/simota/agent-skills/chain/Gen Agent Trust Hub

chain

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a security auditor designed to detect supply-chain attacks in other skills. All findings related to malicious commands (e.g., curl | bash, reverse shells, and destructive commands) are part of its reference catalog used to identify threats in third-party code, as evidenced in references/bundled-artifact-review.md.
  • [SAFE]: Automated scan results flagging Remote Code Execution (RCE) patterns (e.g., python -c "$(curl") are triggered by documentation and template examples inside SKILL.md and references/bundled-artifact-review.md. These patterns are explicitly marked as 'Critical Patterns' or 'P0' threats to be rejected during an intake audit, not commands to be executed.
  • [SAFE]: The skill provides detailed instructions for scanning for Unicode Tag injection (U+E0000 block) and bidi overrides. The presence of these hex sequences in references/unicode-tag-scan.md is for the purpose of identifying malicious steganography in other files and does not represent an attempt to use them within the skill itself.
  • [SAFE]: Sensitive file paths such as ~/.ssh/id_* and ~/.aws/credentials are mentioned in SKILL.md only as indicators of 'Credential Exfiltration' for the agent to flag when reviewing external artifacts. The skill does not access these paths for its own operations.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 15, 2026, 01:01 AM