The Agent Skills Directory

SAFE (SAFE): The skill contains no code, scripts, or external dependencies. It strictly defines natural language instructions for the agent to follow when drafting emails.- Indirect Prompt Injection (SAFE): While the skill ingests user input via $ARGUMENTS, it lacks any functional capabilities (like file writing, network access, or command execution) that could be exploited through malicious input. Evidence: 1. Ingestion: parses $ARGUMENTS in SKILL.md. 2. Boundary markers: none. 3. Capability inventory: no subprocess, network, or file-write operations. 4. Sanitization: none.

follow-up