The Agent Skills Directory

[SAFE]: The skill is entirely descriptive and instruction-based, focused on Markdown templates and planning briefs. It does not contain executable scripts, binaries, or commands that interact with the host system's shell or network.
[SAFE]: The skill implements strict boundary constraints, specifically an 'import-only' policy that forbids live Frida execution, mitigating risks associated with dynamic instrumentation during the planning phase. It requires evidence to be tied to a reviewable runtime-capture manifest, ensuring provenance.
[PROMPT_INJECTION]: While the skill ingests external data (Frida evidence bundles), it does so within a structured audit framework. It mandates the separation of 'observed claims' from 'inferred claims' and requires explicit reviewer adjudication for conflicts between static and dynamic analysis. These practices serve as effective boundary markers against indirect prompt injection.
Ingestion points: Frida evidence bundles and linked capture manifests are ingested via the planning-brief.md and SKILL.md protocols.
Boundary markers: The skill uses specific Markdown templates (templates/frida-evidence-manifest.md) to isolate data and requires distinct labeling for observations versus analyst interpretations.
Capability inventory: The skill has no execution capabilities; it is limited to generating Markdown documentation (spec.md, plan.md, tasks.md).
Sanitization: The workflow relies on manual and automated audit checklists to verify that generated artifacts maintain the required security boundaries.

headless-ghidra-frida-evidence