Claude Skill

Name/description, examples, and runtime instructions consistently target the Claude Code CLI and developer workflows (read/write/edit, run tests, use tmux). No unrelated credentials, binaries, or config paths are requested.

SKILL.md instructs the agent to run arbitrary claude CLI commands in project workdirs, read and write project files, tail logs, compute hashes, and persist registry state. Critically it recommends using --dangerously-skip-permissions and --permission-mode acceptEdits to avoid permission prompts and auto-accept edits — this directly reduces human oversight and can cause unreviewed code changes. The instructions otherwise stay within a coding-agent scope but explicitly enable unsafe, non-interactive behavior.

No install spec in the skill bundle (instruction-only), but SKILL.md tells users to npm install -g @anthropic-ai/claude-code (global npm install) and to have tmux. Suggesting a global npm install requires elevated privileges and should be validated (official package, correct source). No download-from-arbitrary-URL instructions in the bundle.

The skill declares no required env vars or credentials, which matches its stated purpose. Examples reference external tools (e.g., mcp__datadog, --mcp-config) that could imply needing monitoring credentials at runtime — those are not declared here and would be provided by the host environment. This absence is acceptable but users should be aware that some example usages require separate credentials not managed by the skill.

always:false (good) and autonomous invocation is allowed (platform default). The skill instructs storing persistent polling state in a registry (update_registry) and recommends bypassing permission prompts and auto-accepting edits — when combined with autonomous invocation, these behaviors increase the blast radius by enabling unattended, persistent code modifications. The skill does not request system-wide config changes, but its recommended flags reduce safeguards.