The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill is designed to analyze external source code using the provided tools. This creates an attack surface where malicious instructions in the analyzed code could attempt to influence the agent.
Ingestion points: External code files accessed via 'Read', 'Grep', and 'Glob' tools.
Boundary markers: None present in the instructions.
Capability inventory: Limited to reading files; no capabilities for network exfiltration, file writing, or command execution are requested.
Sanitization: Not applicable as the skill only provides a reference checklist.
[Prompt Injection] (SAFE): No instructions to bypass safety filters or override system behavior were detected.
[Data Exposure] (SAFE): No hardcoded credentials, API keys, or instructions to access sensitive system files were found.
[External Downloads] (SAFE): The skill does not perform any remote downloads or package installations.

reviewing-server-actions