The Agent Skills Directory

PROMPT_INJECTION (SAFE): The skill contains instructional content for code generation and architectural compliance. No attempts to bypass safety filters, extract system prompts, or override agent behavior were detected.- DATA_EXFILTRATION (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations are present. Examples use placeholder values (e.g., 'tok_xxx' for Stripe tokens) and follow standard security practices.- EXTERNAL_DOWNLOADS (SAFE): The skill documentation mentions standard development commands (e.g., 'npm run db:generate') but does not initiate any remote script downloads or installations from untrusted sources.- COMMAND_EXECUTION (SAFE): Commands listed are standard for NestJS/Prisma development and are intended for the developer to run in a controlled local environment. No automated or hidden command execution patterns were found.- INDIRECT_PROMPT_INJECTION (SAFE): While the skill defines how to handle external data (orders, carts), it explicitly mandates a three-layer validation strategy (DTOs, Pipes, and UseCase logic) to mitigate risks associated with untrusted input.

droplinked-backend