The Agent Skills Directory

[OBFUSCATION]: Zero-width character obfuscation detected in markdown titles.\n- Evidence: The titles of SKILL.md and references/philosophy.md contain long sequences of invisible characters (U+200B, U+200C, U+200D).\n- Analysis: Decoding the zero-width sequences reveals binary data beginning with the identifier 'SK1L' followed by a sequence of non-printable bytes. This technique is used to embed hidden data that is invisible to the user but can be read by automated systems, often used for tracking or bypassing text-based security filters.\n- [PROMPT_INJECTION]: Inclusion of obfuscated content within instruction files.\n- Evidence: Hidden data is embedded directly in the primary markdown files used to guide the agent's behavior.\n- Analysis: Although no specific malicious payload was found, the use of obfuscation in system instructions is a primary vector for hiding malicious intent and bypassing safety guardrails. In an 'assume-malicious' posture, any hidden content in prompts is considered high severity.

lamport-formal-distributed