token-optimizer

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): No malicious redirection or instruction bypass attempts detected. Instructions found in templates are functional for model routing and cost-saving as per the skill's primary purpose.
  • Data Exposure & Exfiltration (SAFE): No evidence of sensitive file access or network exfiltration. Scripts interact only with local state files in the agent's workspace memory.
  • Obfuscation (SAFE): All scripts and documentation are in clear text with no hidden characters, zero-width spaces, or multi-layer encoding.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill uses Python standard libraries and local scripts. No remote code fetching (e.g., curl|bash) or untrusted package installations were found.
  • Privilege Escalation (SAFE): No attempts to gain administrative access or modify system-level configurations.
  • Persistence Mechanisms (SAFE): The skill does not attempt to modify startup scripts or establish unauthorized persistence.
  • Metadata Poisoning (SAFE): Skill manifest and description are accurate and consistent with the observed functionality.
  • Indirect Prompt Injection (SAFE): The model routing surface handles user prompts for complexity analysis, but no exploitable interpolation or hazardous command generation was found in the analyzed logic.
  • Time-Delayed / Conditional Attacks (SAFE): Logical gates, such as quiet hours, are implemented for legitimate operational scheduling and efficiency.
  • Dynamic Execution (SAFE): No dynamic evaluation of untrusted code or runtime generation of executable scripts was detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 05:50 PM