exe-dev

The name and description (managing exe.dev VMs) match the SKILL.md content: SSH commands, proxy rules, sharing, and custom domain instructions. The skill requests no binaries, env vars, or config paths beyond what the docs describe, which is proportionate for a documentation-only helper.

SKILL.md is documentation-only and does not instruct the agent to read local secrets or system files. It does include a mitmproxy example showing how to inject headers for testing and notes that the Shelley agent reads ~/.config/shelley/AGENTS.md; these are documentation items (not code) but they are sensitive in that they describe mechanisms that can be used to spoof headers or access agent config files. The skill itself does not automate or advise reading host files or exfiltrating data, but users should be cautious when following the mitmproxy example or when exposing services that trust forwarded headers.

No install spec and no code files — lowest-risk delivery. Nothing is downloaded or written to disk by the skill bundle itself.

No environment variables, credentials, or config paths are requested. The documentation describes exe.dev adding authentication headers (X-ExeDev-UserID, X-ExeDev-Email) to proxied requests — this is a service behavior to be aware of but is appropriate context for a VM-management doc.

Skill is not always-enabled, contains no installation or persistent agent modifications, and does not request elevated/ongoing system privileges. Autonomous invocation is allowed (platform default) but the skill has no code to run autonomously.