reviewer-2-simulator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW
Full Analysis
  • [Prompt Injection] (SAFE): The skill uses persona-based instructions to guide agent behavior. No instructions to bypass safety filters, disregard prior rules, or extract system prompts were detected.
  • [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths, hardcoded credentials, or network operations (curl, wget, etc.) are present in the skill.
  • [Indirect Prompt Injection] (LOW): The skill possesses an ingestion surface for untrusted data (paper drafts). However, it lacks any write or execute capabilities. Evidence: Ingestion point in Phase 1 (skim); no capability inventory of subprocesses or file-writes; output is display-only markdown. The risk is limited to content manipulation within the generated review.
  • [Remote Code Execution] (SAFE): There are no patterns involving the download or execution of remote scripts, nor are there any package manager commands.
  • [Obfuscation] (SAFE): No Base64, zero-width characters, homoglyphs, or other encoding techniques intended to hide malicious content were found.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 17, 2026, 12:04 AM