vuln-analysis-expert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill does not contain any instructions aimed at overriding AI safety filters or hijacking the agent's core instructions. It defines a 'vulnerability analysis expert' persona with specific guardrails that limit its use to authorized security analysis scenarios.
- [NO_CODE]: A thorough review of the 16 files confirms the absence of any executable script files (e.g., .py, .js, .sh). The skill is composed exclusively of Markdown documentation, which inherently minimizes the risk of automated code execution or compromise.
- [COMMAND_EXECUTION]: Although the knowledge base documents various command execution payloads and techniques (e.g., reverse shells, shell injection), these are provided strictly as historical examples and methodology references. The skill does not possess or call any tools to execute these commands on the host environment.
- [DATA_EXFILTRATION]: No patterns indicative of credential theft or sensitive data collection were found. References to sensitive file paths like /etc/passwd or .env are documented as targets for vulnerability testing rather than paths the skill attempts to access. Example credentials provided in the files are explicitly marked as desensitized.
- [INDIRECT_PROMPT_INJECTION]: The skill functions by analyzing vulnerability data, which could contain adversarial instructions. However, the instructional guardrails in SKILL.md and the extraction template guide the agent to maintain a neutral analytical posture, and the lack of tool-execution capabilities limits the impact of potential injections.
Audit Metadata