claude-code
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override system constraints were found. The skill maintains a legitimate focus on CLI support tasks.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access for exfiltration purposes was detected. API key references use standard documentation placeholders (e.g., 'sk-ant-xxxxx').
- [Indirect Prompt Injection] (LOW): The skill presents an attack surface by reading project configuration files (e.g., '.claude/settings.json', 'CLAUDE.md') which could be manipulated by an attacker in an untrusted codebase. Evidence:
  1. Ingestion points: 'SKILL.md' (Steps 2A-2D) and 'references/agent-skills.md' read project-level files.
  2. Boundary markers: Absent.
  3. Capability inventory: Bash, Read, Grep, Glob tools.
  4. Sanitization: Absent, though best practices are provided to users.
- [Command Execution] (SAFE): Although the skill has Bash access, it is utilized exclusively for documented troubleshooting and configuration tasks in line with the skill's purpose.