The Agent Skills Directory

[Prompt Injection] (SAFE): No patterns of direct instructional override or system prompt extraction were detected in the skill instructions.
[Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or network-based exfiltration triggers are present within the markdown or logic.
[Remote Code Execution] (SAFE): Suggested commands such as npm run build are provided for verification and are not automatically executed by the skill itself.
[Indirect Prompt Injection] (LOW): The skill's primary function involves analyzing untrusted source code, which creates a surface for indirect instructions to influence the agent.
Ingestion points: Untrusted local source code accessed via Read, Glob, and Grep tools.
Boundary markers: Analysis is scoped to specific Next.js file patterns and extensions, though explicit markers for the LLM are absent.
Capability inventory: Read, Glob, Grep, and TodoWrite tools are permitted.
Sanitization: There is no explicit sanitization or instruction to ignore embedded prompts in the analyzed code content.

reviewing-nextjs-16-patterns