The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified within the skill's instructions.\n- [NO_CODE]: The skill consists only of documentation (SKILL.md) and contains no executable scripts, binaries, or system configurations.\n- [PROMPT_INJECTION]: The persona instructions follow standard operational procedures without attempting to bypass safety guardrails or use deceptive overrides.\n- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized data transfer mechanisms were found.\n- [PROMPT_INJECTION]: An ingestion surface for indirect prompt injection is identified (processing logs and user reports), but is assessed as safe due to a lack of exploitable capabilities in the provided file. Evidence: 1. Ingestion points: The skill processes monitoring data, logs, and user reports (SKILL.md); 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present; 3. Capability inventory: While the skill mentions auto-remediation and runbooks, no executable tools or scripts are provided in the context; 4. Sanitization: No sanitization or validation of external input is described.

devops-incident-responder