cc-field-mapping-safety

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a set of instructional guidelines for code refactoring. All identified commands, such as git show to verify previous versions of code and npm run type-check for static analysis, are standard development practices intended to ensure code quality and correctness.
  • [COMMAND_EXECUTION]: The skill mentions the use of shell commands like git, npm, and eslint. These are used appropriately within the context of the skill's stated purpose (verifying code changes during refactoring).
  • [DATA_EXPOSURE]: The skill instructs the agent to read historical versions of files using git show. While this involves accessing repository data, it is a necessary and standard step for the intended use case of verifying refactoring correctness against original implementations.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were found. The instructions use natural language to guide the agent's behavior for a specific technical task without attempting to bypass safety filters or extract system information.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests untrusted data by reading source code (via git show) that could theoretically contain malicious instructions. However, this is a standard risk for any code-analysis tool and the skill includes defensive programming suggestions to handle data safely.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 12:56 AM