The Agent Skills Directory

[SAFE]: The skill operates strictly within the scope of technology modernization and dependency auditing. It provides structured guidance for replacing legacy libraries with native platform APIs (e.g., Temporal, Intl, fetch) to reduce attack surface and technical debt.\n- [SAFE]: The skill incorporates robust defensive security practices. It instructs the agent to verify npm provenance attestations, check package maturity (e.g., ≥ 6 months post-stable-release), and utilize pnpm's trustPolicy to prevent installing potentially compromised packages. It explicitly warns about the risks of AI-assisted migration code, particularly hallucinated package versions.\n- [SAFE]: No evidence of prompt injection, data exfiltration, or privilege escalation was found. All shell commands provided (e.g., npm audit, npx depcheck) are standard, non-destructive tools for security auditing and dependency management. External references point to reputable industry sources such as Thoughtworks, Gartner, and common developer community platforms.

horizon