design-audit

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • PROMPT_INJECTION (SAFE): The persona instructions ('Steve Jobs/Jony Ive') are stylistic and focused on design philosophy rather than bypassing AI safety constraints. The skill includes strong negative constraints like 'Do not implement anything without approval' and 'Do not touch functionality'.
  • DATA_EXPOSURE (SAFE): The skill identifies design-related files for context (e.g., DESIGN_SYSTEM.md, PRD.md) but does not attempt to access sensitive secrets or exfiltrate data. The walkthrough process involving screenshots is for internal visual analysis only.
  • COMMAND_EXECUTION (SAFE): No scripts or instructions for executing shell commands, installing packages, or modifying system configurations are present in the skill. All proposed changes are intended to be presented for manual review.
  • INDIRECT_PROMPT_INJECTION (SAFE): The skill analyzes external project files for design context. While these are untrusted ingestion points, the risk is mitigated by the skill's narrow visual scope and the mandatory approval gate for any resulting suggestions.
  • REMOTE_CODE_EXECUTION (SAFE): No external dependencies are downloaded or executed. The reference links in the metadata point to reputable documentation sites (e.g., Apple Developer) and are not used for code loading.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:18 PM