prompt-refiner-claude

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override system instructions were found. The skill focuses on legitimate prompt engineering techniques.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, API keys, or sensitive local paths were detected. The file paths in examples (e.g., src/lib/redis.ts) are generic placeholders for context.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted data (user draft prompts) to provide refinements. Evidence:
      1. Ingestion points: User-provided prompts in 'Step 1: Analyze the Draft Prompt'.
      2. Boundary markers: Explicitly recommends using XML tags (, , etc.) to delimit input.
      3. Capability inventory: None. The skill contains no code, file system access, or network operations.
      4. Sanitization: No explicit sanitization, but structural isolation via XML is encouraged.
  • [Remote Code Execution] (SAFE): The skill consists entirely of Markdown and YAML metadata; no executable code or external dependency fetching is present.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:34 PM