The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill manages API keys securely by implementing redaction mechanisms in its communication and logging functions. The code explicitly prevents the storage of API keys in persistent session state files, ensuring that sensitive credentials are only held in memory during the execution of a request.
[EXTERNAL_DOWNLOADS]: The skill makes network requests to console.volcengine.com, which is the official domain for the Volcengine platform. These requests are necessary for the skill to interact with the survey backend and do not involve downloading or executing untrusted code from external sources.
[COMMAND_EXECUTION]: The skill provides a Python wrapper (scripts/send_survey_message.py) for the agent to execute. This script acts as a controlled interface to the backend API, managing session continuity and ensuring that the agent does not construct arbitrary network requests manually.
[OBFUSCATION]: The Python scripts utilize minor string concatenation for identifying sensitive headers and payload fields (e.g., constructing header names like 'Authorization' from parts). This is used to facilitate reliable log redaction and does not hide malicious functionality.

byted-airesearch-survey