The Agent Skills Directory

[PROMPT_INJECTION]: The skill uses clear, instruction-heavy markdown files to define persona behaviors. No malicious override patterns, jailbreak attempts, or safety filter bypasses were detected. The instructions are focused solely on the intended simulation use case.
[DATA_EXFILTRATION]: No hardcoded credentials, API keys, or access to sensitive local file paths (such as .ssh or .env) were found. The skill does not perform network operations or send data to external servers.
[REMOTE_CODE_EXECUTION]: The skill consists entirely of markdown configuration and knowledge files. It does not download or execute remote scripts at runtime. Installation commands in the README follow standard package manager patterns.
[COMMAND_EXECUTION]: No dangerous system commands, privilege escalation attempts (sudo/chmod), or persistence mechanisms were identified in any of the analyzed files.
[SAFE]: An indirect prompt injection surface is present in the @summarize command, which processes user-provided interview transcripts. However, the skill defines a strict 'Truth Filter' to sanitize this input and lacks any operational capabilities (such as file writes or network access) that could be leveraged for an attack.
[SAFE]: No obfuscation, encoding, or hidden content techniques (such as Base64 instructions or zero-width characters) were detected.

personatwin