The Agent Skills Directory

[SAFE]: No malicious patterns or security vulnerabilities were identified in the skill's instructions or supporting files.
[COMMAND_EXECUTION]: The skill uses tools like glob and read_file to perform its primary function of auditing codebases. These are standard operations for this use case and are not used to execute arbitrary shell commands or system-level operations.
[DATA_EXFILTRATION]: No network operations, API calls, or external data transmission patterns were found. The skill remains entirely focused on analyzing local codebase files and generating a report for the user.
[PROMPT_INJECTION]: The skill does not contain instructions that attempt to bypass safety filters or override system-level constraints. It provides a clear, professional persona (Senior Engineering Manager) for the purpose of technical review.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data (the codebase being audited) which creates an inherent surface for indirect prompt injection (e.g., instructions hidden in code comments). However, the skill focuses the agent's attention on specific technical patterns like data types, transactional boundaries, and logging practices, which acts as a functional constraint against accidental obedience to instructions embedded in the target data.

senior-eng-review