The Agent Skills Directory

[SAFE]: The skill is a legitimate data utility for the Bluesky social platform. Analysis of the scripts and instructions confirms they are focused solely on data retrieval and processing.
[CREDENTIALS_UNSAFE]: The skill avoids hardcoded secrets. It correctly utilizes environment variables for authentication and includes a mask_secret utility to prevent accidental exposure of credentials in logs or configuration summaries.
[COMMAND_EXECUTION]: The Python script does not utilize any functions capable of shell command execution (such as os.system or subprocess.run). All operations are performed using standard library functions for HTTP and file I/O.
[EXTERNAL_DOWNLOADS]: Network operations are limited to fetching structured JSON data from official Bluesky API hosts (public.api.bsky.app and bsky.social). No executable code or scripts are downloaded from the internet.
[PROMPT_INJECTION]: The skill's metadata and instructional content do not contain patterns intended to bypass AI safety guardrails or override system instructions.
[DATA_EXFILTRATION]: There is no evidence of unauthorized data transfer. The skill only communicates with the designated service provider to retrieve public social media content.

bluesky-cascade-fetch