SAFE-Bootstrapper

The skill's declared purpose (deterministic sandbox-local setup/remediation for other installed skills) matches its instructions and requested resources: it is instruction-only, requests no credentials, and forbids network or host-level actions. Nothing in the package suggests it will perform unexpected exfiltration or require unrelated privileges.

This skill appears coherent and low-risk: it only performs sandbox-local, deterministic setup steps and forbids network installs and credential requests. Before using it, ensure you run it in a properly enforced sandbox (so file and network isolation are real). Be aware it may read and write files inside the target workspace (for example copying .env.example → .env) — remove any sensitive data from the workspace before running. Note also that it will not install dependencies or bring up services: if the target requires network installs, browser/OAuth flows, or databases you will need to handle those outside this skill. If you need higher assurance, review the produced JSON setup report and the tool_call/evidence entries after a run to confirm only expected sandbox-local actions were taken.