The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses curl to interact with the Duffel API. These commands are limited to the intended travel booking functionality, such as searching for offers and creating orders.
[EXTERNAL_DOWNLOADS]: All network operations target api.duffel.com, which is the official domain for the Duffel travel platform. This is a well-known service and the interactions are documented for legitimate API usage.
[DATA_EXFILTRATION]: Authentication is handled using the $DUFFEL_TOKEN environment variable passed in the HTTP Bearer header. This follows standard security practices for managing API credentials and does not involve unauthorized exfiltration of sensitive data.

duffel