The Agent Skills Directory

[SAFE]: The skill provides technical instructions for the Astro framework without any detected malicious patterns or attempts to override agent behavior.
[DATA_EXFILTRATION]: No suspicious network operations or sensitive file access patterns were found. Examples using fetch target placeholder domains or standard API patterns for legitimate data retrieval within the framework's context.
[CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were detected. The instructions explicitly recommend using process.env for managing runtime secrets, which is a standard security best practice.
[REMOTE_CODE_EXECUTION]: No remote code execution patterns or unsafe package installations were detected. The CLI commands mentioned (npx astro add, npm create astro) are standard tools for the Astro ecosystem.
[PROMPT_INJECTION]: The content is strictly instructional and technical, with no use of "Ignore previous instructions" or other adversarial prompt patterns.
[COMMAND_EXECUTION]: The skill does not instruct the agent to execute dangerous shell commands or acquire elevated privileges. Operations are restricted to standard web development workflows.
[SAFE]: The skill includes a 'Red Flags' section which serves as a security and performance guide for users, identifying common anti-patterns like over-hydration or missing build-time validations.
[SAFE]: Data ingestion surfaces are identified in API-based loaders and SSR routes, but the skill mitigates risk through the following evidence chain:
Ingestion points: src/content.config.ts (external API loaders) and src/pages/api/ (request handling).
Boundary markers: Natural separation of server-side logic in Astro frontmatter from the HTML template.
Capability inventory: Network fetching, cookie management, and redirection capabilities are present but used for standard web functionality.
Sanitization: Mandatory use of Zod schemas (astro/zod) for all content collections provides robust validation and sanitization of external data.

web-meta-framework-astro