The Agent Skills Directory

Prompt Injection (SAFE): No malicious override or bypass instructions were detected. The use of 'IMPORTANT' and 'Common Mistakes' is restricted to task-specific guidance.- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local files or perform network operations. It processes data provided by an orchestrator skill.- Obfuscation (SAFE): No hidden, encoded, or deceptive characters or formatting were found.- Unverifiable Dependencies & Remote Code Execution (SAFE): No external packages are requested for installation, and there are no scripts or remote code patterns.- Privilege Escalation (SAFE): No commands related to administrative privileges or permission changes are present.- Persistence Mechanisms (SAFE): The skill does not attempt to modify system startup or configuration files.- Metadata Poisoning (SAFE): The YAML frontmatter contains standard, accurate descriptions of the skill's purpose.- Indirect Prompt Injection (LOW): While the skill ingests HTML content (an untrusted data source), it lacks any 'sink' capabilities such as file writing, shell execution, or network calls, making the surface risk negligible.- Time-Delayed / Conditional Attacks (SAFE): No logic exists that gates behavior based on time or environment variables.- Dynamic Execution (SAFE): No runtime code generation or unsafe deserialization patterns were detected.

page-decomposition