web-meta-framework-qwik
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes "CRITICAL" and "MUST" directives to enforce technical framework constraints related to architecture, such as resumability and serialization boundaries. These instructions are essential for functional correctness within the Qwik ecosystem and do not attempt to bypass safety filters or override core agent behavior.
- [DATA_EXFILTRATION]: Pedagogical examples demonstrate standard patterns for accessing environment variables (e.g., DATABASE_URL) and session cookies. These are common full-stack development practices and are used as placeholders without hardcoded credentials or unauthorized network exfiltration logic.
- [EXTERNAL_DOWNLOADS]: The skill correctly references official and well-known packages from the Builder.io organization, such as @builder.io/qwik and @builder.io/qwik-city. No suspicious or unverifiable remote sources were detected.
- [SAFE]: Indirect prompt injection surface analysis:
  1. Ingestion points: Data enters the application via route parameters, form data in route actions, and session cookies.
  2. Boundary markers: The skill explicitly advocates for using Zod schemas to validate all incoming data at the server boundary.
  3. Capability inventory: The documented capabilities include server-side database access, environment variable retrieval, and network fetching using standard APIs.
  4. Sanitization: Detailed examples demonstrate how to use Zod for strict validation and provide structured error handling via framework-native methods.
Audit Metadata