mistral-reference-architecture

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses standard instructional patterns for defining its behavior and triggering phrases. No attempts to override safety guidelines or bypass instructions were found.
  • [DATA_EXFILTRATION]: Configuration management correctly utilizes environment variables for API keys rather than hardcoding sensitive credentials. No unauthorized network requests or data exposure patterns are present.
  • [REMOTE_CODE_EXECUTION]: The skill references official and well-known libraries such as @mistralai/mistralai and zod. No untrusted remote code execution or suspicious download patterns were identified.
  • [COMMAND_EXECUTION]: Provided shell commands are limited to directory structure creation (mkdir) and do not pose a security risk.
  • [PROMPT_INJECTION]: Regarding Category 8 (Indirect Prompt Injection):
    1. Ingestion: Prompt templates in src/mistral/prompts/templates.ts accept raw input.
    2. Boundaries: No explicit delimiters or instructions to ignore embedded data are present in the templates.
    3. Capability: The skill has limited tool access (Read, Grep).
    4. Sanitization: No input validation is performed in the reference code.
    This is a standard architectural pattern for LLM applications and is documented as a common surface rather than an active threat.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 11:34 AM