skills/smixs/autograph/autograph/Gen Agent Trust Hub

autograph

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill code does not contain malicious patterns or security risks. It follows best practices for vault management and uses the standard library for all core logic.
  • [DATA_EXFILTRATION]: The skill communicates with the OpenRouter API (openrouter.ai) via urllib.request to perform automated tagging and link suggestions. It transmits file metadata and short content summaries (300-500 characters) to the service. This behavior is a central feature of the skill's enrichment workflows and targets a well-known service provider.
  • [COMMAND_EXECUTION]: The tests/test_autograph.py script uses subprocess.run to execute CLI commands for testing purposes. These commands are restricted to running the skill's own Python scripts within a temporary environment and do not involve untrusted input or shell injection risks.
  • [PROMPT_INJECTION]: Instructions in SKILL.md include functional imperatives such as 'CRITICAL: always run Step 2B' and 'NEVER skip the swarm'. These directives are designed to guide the agent through multi-stage processing tasks (like map-reduce classification) and do not attempt to bypass safety filters or override the system prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 10:31 AM