zeroize-audit
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the Serena MCP server from GitHub using uvx to provide semantic context for C/C++ analysis. This is a functional requirement from a reputable source.
- [COMMAND_EXECUTION]: The skill invokes system-level build tools including clang, cargo, and rustfilt to analyze code structures and verify symbol demangling.
- [COMMAND_EXECUTION]: The analysis pipeline includes a validation phase that compiles and executes bespoke proof-of-concept (PoC) programs. These programs are generated from the audited source code to verify the effectiveness of memory zeroization, which is an essential part of the tool's auditing functionality.
- [SAFE]: The tool requires read access to local repository source files and compilation databases (compile_commands.json) to identify sensitive variables and trace their memory lifecycle. This behavior is consistent with its stated purpose as a security audit utility.
Audit Metadata