The Agent Skills Directory

[Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety filters, or extract system prompts were detected. The content is purely instructional for file operations.
[Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations are present. The skill focuses on local file system operations using standard APIs.
[Obfuscation] (SAFE): No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were identified.
[Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download external packages or execute remote scripts. It references internal Bun and Node.js APIs.
[Indirect Prompt Injection] (LOW): The skill describes methods for reading and scanning files. While this creates a surface for ingesting untrusted data (Category 8a/8c), it is the primary purpose of the skill and includes no exploitable instructions for the analyzer itself.
[Dynamic Execution] (SAFE): Although Bun.spawn is mentioned as an API for running binaries, it is presented as a developer reference rather than a mechanism for executing dynamically generated or untrusted code strings.

bun-file-io