The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill exhibits a potential surface for indirect prompt injection attacks because it is designed to analyze untrusted external data.
Ingestion points: The skill utilizes the Read and Grep tools to ingest local file content (e.g., cookies, configuration files) for analysis.
Boundary markers: No specific boundary markers or instructions to ignore embedded commands within processed data are defined in the skill definition.
Capability inventory: The skill has access to Bash(npm:*) for command execution and Write for file system modification, which could be leveraged if the agent obeys instructions hidden in the data it analyzes.
Sanitization: There is no evidence of input sanitization or validation routines to filter malicious payloads from the analyzed data.
[Command Execution] (SAFE): The skill requests broad permissions for Bash(npm:*), allowing it to install and run Node.js packages. While this is a powerful capability, no malicious commands, unauthorized downloads, or suspicious scripts were found in the static analysis of this file.

cookie-security-analyzer