Travel Itinerary Planner

The skill bundle is benign. The `SKILL.md` provides explicit safety guardrails for the AI agent, instructing it to treat user input as untrusted, validate HTTPS URLs, and restrict file output to the current working directory with a `.md` extension. The core script `scripts/build_trip_plan.py` implements these guardrails through robust input sanitization (`sanitize_text`, `escape_markdown_text`, `validate_https_url`) and strict path validation (`build_output_path` ensures files are written within the current working directory and have a `.md` extension). There is no evidence of data exfiltration, unauthorized command execution, persistence, or obfuscation.