vendor-management

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill documentation and core instructions do not contain any patterns typical of prompt injection, such as overrides, jailbreaks, or instructions to ignore safety filters.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens were identified. The documentation uses appropriate placeholders for configuration values (e.g., [Your warehouse address]).
  • [DATA_EXFILTRATION]: No logic was found that attempts to access sensitive system files (e.g., SSH keys, cloud credentials) or send data to untrusted external domains.
  • [EXTERNAL_DOWNLOADS]: The skill mentions well-known services and platforms (QuickBooks, Shopify, WooCommerce, Cin7 Core) for integration purposes. These are recognized as trusted services and do not involve downloading or executing unverifiable code.
  • [REMOTE_CODE_EXECUTION]: There are no instances of remote code execution patterns, such as piping network downloads into a shell or using dynamic evaluation of remote scripts.
  • [COMMAND_EXECUTION]: The provided TypeScript snippets and instructions do not utilize subprocess calls or shell execution capabilities.
  • [OBFUSCATION]: The skill files were scanned for hidden content, including Base64 encoding, zero-width characters, and homoglyphs; no such obfuscation techniques were found.
  • [INDIRECT_PROMPT_INJECTION]: While the skill involves a system that processes external data from vendors (e.g., tracking numbers, acknowledgments), the accompanying evaluation tasks explicitly require secure implementation patterns like token-based authentication, guards against repeated actions, and validation of ownership.
  • [PRIVILEGE_ESCALATION]: No commands or instructions related to privilege escalation (e.g., sudo, chmod 777) were detected.
  • [PERSISTENCE]: The skill does not contain any logic for establishing persistence on a host system, such as modifying startup scripts or cron jobs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 11:35 AM