github-actions-generator

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No evidence of malicious instructions or attempts to bypass safety filters was found. The instructions emphasize strict adherence to security protocols and naming conventions.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens are present. Templates use appropriate placeholders (e.g., [SECRET_NAME], ${{ secrets.GITHUB_TOKEN }}) for sensitive data.
  • [EXTERNAL_DOWNLOADS]: All external references and dependencies (e.g., actions/checkout, actions/setup-node) target official GitHub Actions or well-known, trusted organizations like HashiCorp and Docker. The instructions mandate pinning these to specific commit SHAs to prevent supply chain attacks.
  • [COMMAND_EXECUTION]: Shell commands found in templates (e.g., npm ci, docker build) are standard for CI/CD tasks. The skill includes a dedicated reference document (references/best-practices.md) that specifically warns against command injection and provides secure implementation patterns using environment variables.
  • [DATA_EXFILTRATION]: No patterns for unauthorized data collection or exfiltration were detected. Network operations are limited to standard health checks and deployments to trusted cloud environments (AWS/Azure).
  • [OBFUSCATION]: The code, templates, and scripts are clear and well-documented. No Base64, zero-width characters, or other obfuscation techniques are used.
  • [INDIRECT_PROMPT_INJECTION]: While the skill ingests user requirements to generate code (an attack surface), it mitigates this risk by providing clear security guardrails, mandatory validation steps using a secondary validator tool, and extensive documentation on how to safely handle untrusted input within the generated workflows.
  • [REMOTE_CODE_EXECUTION]: The skill generates code intended for execution in isolated CI environments (GitHub Runners). It does not perform unauthorized remote code execution. All generated code execution points are transparent and follow the user's explicit CI/CD requirements.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:53 AM