harness-engineering-bootstrap-brownfield

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The core logic for repository analysis is contained in a local bash script (scripts/survey-brownfield.sh) which collects project metadata such as commit history, directory structures, and CI configurations. This script is self-contained and does not perform any network operations.
  • [SAFE]: Recommended external tools (e.g., vale, lychee, fast-check, hypothesis, stryker) are well-known, industry-standard development utilities for testing and documentation quality.
  • [SAFE]: Command execution patterns are restricted to standard development tools like git, gh CLI, and package managers. The skill instructions prioritize human-in-the-loop verification and explicit pauses for major decisions.
  • [SAFE]: There is no evidence of data exfiltration, credential harvesting, or obfuscation. The skill explicitly handles .gitignore files and repo-local configuration to ensure sensitive data is not accidentally exposed during the bootstrap process.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 01:34 AM