discover
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses restricted bash commands (npm test, npm audit, npm outdated) to perform legitimate project health assessments. No suspicious network exfiltration, persistence mechanisms, or privilege escalation patterns were detected.
- [PROMPT_INJECTION]: The skill analyzes external project files and source code, creating a surface for indirect prompt injection.
  - Ingestion points: The skill reads package.json, directory structures, and source files as specified in SKILL.md and workflow.md.
  - Boundary markers: No explicit instructions or delimiters are provided to help the agent distinguish between its own instructions and content found within the analyzed files.
  - Capability inventory: The skill leverages Read, Grep, Glob, and restricted Bash tools to inspect the environment.
  - Sanitization: There is no evidence of input validation or sanitization for the data retrieved from the codebase before it is processed by the agent.
Audit Metadata