The Agent Skills Directory

[SAFE]: The skill is purely informational, providing structured guidelines and checklists for secure development, vulnerability management, and penetration testing. It does not contain any functional code or scripts that could be executed in an environment.- [SAFE]: All external tools mentioned (such as Bandit, Semgrep, Snyk, and OWASP ZAP) are listed as recommended industry-standard tooling for a security program; the skill does not attempt to download, install, or execute these tools.- [SAFE]: No prompt injection or obfuscation techniques were detected. The instructions are clear, descriptive, and focus on reinforcing the agent's persona as a security professional.- [SAFE]: The skill explicitly includes a 'Secure Code Review Checklist' that mandates the detection of hardcoded secrets, insecure cryptography, and injection vulnerabilities, further confirming its defensive and safe nature.

application-security