react-specialist

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No override markers, role-play injections, or instructions to bypass safety guidelines were found. The 'Red Flags' section is a standard architectural guidance tool.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. Code examples use standard mock API paths like /api/users/.
  • [Obfuscation] (SAFE): All files are written in clear, human-readable Markdown and TypeScript. No Base64, zero-width characters, or homoglyphs were detected.
  • [External Downloads] (LOW): The skill references standard, highly-trusted industry packages including @tanstack/react-query, zustand, and jotai. These are appropriate for the skill's stated purpose.
  • [Indirect Prompt Injection] (LOW): The skill possesses a standard attack surface for a code-generation assistant.
      • Ingestion points: Processes user-provided application requirements.
      • Boundary markers: None explicitly defined in prompts.
      • Capability inventory: Limited to text and code generation for the user.
      • Sanitization: Not applicable as it generates static templates.
  • [Privilege Escalation] (SAFE): No commands involving sudo, chmod, or system-level configuration changes were identified.
  • [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, cron jobs, or startup services were found.
  • [Dynamic Execution] (SAFE): No usage of eval(), exec(), or unsafe deserialization (e.g., pickle) was found in the provided examples.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:20 PM