The Agent Skills Directory

[PROMPT_INJECTION]: No prompt injection patterns or attempts to override system safety instructions were identified in the instruction sets or script comments.
[DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration. The collection includes scripts like code_quality_analyzer.py and secret_scanner.py that specifically aim to detect and prevent the accidental exposure of hardcoded secrets in user codebases.
[EXTERNAL_DOWNLOADS]: All external references and dependencies target well-known and trusted organizations or services, including Google Cloud, GitHub, Microsoft 365, BrowserStack, and TestRail. These are documented as part of the intended integration capabilities.
[REMOTE_CODE_EXECUTION]: No patterns of arbitrary remote code execution were found. Installation instructions utilize standard and trusted package managers such as npm, npx, and cargo.
[INDIRECT_PROMPT_INJECTION]: The skill set contains a broad data ingestion surface because it analyzes project code, PR diffs, and coverage reports. While this represents a theoretical surface for indirect injection via processed content, the provided scripts perform static pattern matching or statistical analysis and do not execute the content being analyzed.
[DYNAMIC_EXECUTION]: Scaffolders and generators (e.g., api_scaffolder.py, component_generator.py) create code based on predefined templates and do not dynamically evaluate or execute untrusted input.

engineering-skills