tremor-design-system

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • Prompt Injection (SAFE): No instructions found attempting to override system behavior or bypass safety filters. Natural instructional language is used throughout the workflow.
  • Data Exfiltration (SAFE): No network operations or sensitive file access patterns detected. Domain references are limited to documentation sites (tremor.so, npm.tremor.so) and package registries.
  • External Dependencies (LOW): The skill identifies several standard frontend dependencies (e.g., @tremor/react, Radix UI, Recharts). These are standard industry packages and do not pose a direct security risk as they are used for their intended UI purposes.
  • Indirect Prompt Injection (LOW): The skill processes untrusted data for visualization in charts and tables. Ingestion points include data arrays passed to components like AreaChart and Table. Capability is limited to display-only rendering within a React environment, which typically mitigates standard XSS risks.
  • Obfuscation (SAFE): No encoded content, zero-width characters, or homoglyphs were detected in the instructions or code snippets.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 07:11 AM