The Agent Skills Directory

COMMAND_EXECUTION (SAFE): The skill uses argparse to handle user input for file paths and algorithms. It employs standard file system operations through the pathlib and os modules. There is no evidence of arbitrary command execution, shell injection, or spawning of external processes via subprocess or os.system.
DATA_EXFILTRATION (SAFE): The tool operates entirely locally. It calculates hashes of specified files and prints them to the terminal or writes them to a user-provided output file. No network libraries (like requests or urllib) are used, and there are no hardcoded URLs or data exfiltration patterns.
EXTERNAL_DOWNLOADS (SAFE): The skill does not download any external content or execute remote scripts. It relies solely on the Python standard library (hashlib, argparse, pathlib).
CREDENTIALS_UNSAFE (SAFE): No hardcoded credentials, API keys, or sensitive environment variable accesses were detected.
PROMPT_INJECTION (SAFE): The instructions in SKILL.md are purely functional and descriptive. There are no attempts to override agent instructions or bypass safety filters.
INDIRECT_PROMPT_INJECTION (LOW): While the skill reads and hashes file content, it treats the data as binary for hashing and does not interpret it as instructions. The risk of the content influencing the agent is negligible.

file-hasher