The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill's stated purpose of 'secure-coding-review' combined with the 'modifies_files' capability creates a surface for indirect prompt injection, where malicious instructions in analyzed code could influence agent behavior.
Ingestion points: Local project source code files.
Boundary markers: None defined in the manifest.
Capability inventory: Includes 'modifies_files' and 'creates_artifacts'.
Sanitization: No sanitization or validation logic is specified in the manifest metadata.
[Metadata Analysis] (SAFE): The manifest fields are professional and consistent with the skill's described purpose, with no evidence of deceptive metadata or prompt injection in the description or name.

Security Architect