core-pattern-finder

================================================================================

✅ VERDICT: SAFE

This skill is a descriptive markdown file that provides instructions for an AI agent to search for implementation patterns within Drupal core. It defines metadata, activation triggers, quick reference tables, and a detailed workflow using conceptual tools like 'Grep', 'Glob', and 'Read'.

No executable code, external dependencies, or direct commands that could lead to security vulnerabilities were found. The skill's content is straightforward and aligns with its stated purpose.

Total Findings: 1

ℹ️ INFO Findings: • Indirect Prompt Injection Risk

• Line 49: The skill instructs the agent to read file content from 'core/modules/' paths. While the skill itself is benign, any skill that processes external data (like file content) inherently carries a theoretical risk of indirect prompt injection if the external data were maliciously crafted to include hidden instructions for the agent. This is a general risk for data-processing skills and not a specific vulnerability introduced by this skill's design.

================================================================================