nestjs-best-practices

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill contains legitimate architectural guidance and code templates for building NestJS applications. All external links point to official documentation, and the suggested patterns align with industry standards.
  • [PROMPT_INJECTION]: The skill is designed to analyze and refactor user-provided NestJS code, which constitutes an ingestion point for untrusted data. Mandatory Evidence Chain: 1. Ingestion points: User-provided NestJS source code in files processed by the agent. 2. Boundary markers: Not explicitly defined in the instructions. 3. Capability inventory: The skill utilizes Bash, Write, Edit, Glob, and Grep tools. 4. Sanitization: No specific sanitization or filtering logic is described for the processed code. However, given the skill's primary purpose as a development aid, this surface is considered a low-risk inherent characteristic and does not escalate the verdict.
  • [COMMAND_EXECUTION]: While the Bash tool is listed as allowed in the frontmatter, the instructions and examples focus exclusively on standard development workflows. No evidence of arbitrary command injection or dangerous shell execution patterns was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 03:38 PM