tech-stack-evaluator

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill metadata and instructions are focused strictly on technology evaluation. No patterns of system prompt overrides, role-play jailbreaks, or safety bypass instructions were found.
  • [REMOTE_CODE_EXECUTION]: Analysis of the Python scripts confirms that no dangerous execution sinks (such as eval, exec, or subprocess calls) are used. The skill performs calculations and logic using standard, safe operations.
  • [DATA_EXFILTRATION]: No code was found that performs network requests or accesses sensitive file system paths (e.g., SSH keys, config files). Data processing is scoped to the inputs provided in the request.
  • [COMMAND_EXECUTION]: The scripts do not execute shell commands or interact with the operating system's command interpreter, minimizing the risk of command injection.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys, bearer tokens, or other secrets were detected in any of the skill's source files or data assets.
  • [SAFE]: The skill implements a custom, simplified parser for YAML-like input in scripts/format_detector.py, reducing reliance on complex external libraries. Regarding Category 8 (Indirect Prompt Injection): (1) Ingestion points: User-provided text, JSON, and YAML are parsed by format_detector.py. (2) Boundary markers: Handled by the agent host. (3) Capability inventory: No network, shell, or sensitive file access. (4) Sanitization: Input is normalized to standard data structures. The lack of high-privilege capabilities makes this surface safe.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 09:00 AM