The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were detected across the skill files. The instructions and scripts follow standard administrative and security auditing practices.
[PROMPT_INJECTION]: The skill instructions provide structured steps for security assessment without any markers of bypass attempts, role-play injections, or instructions to ignore system safety guidelines.
[DATA_EXPOSURE]: No hardcoded credentials, API keys, or unauthorized access to sensitive system paths were identified. The skill correctly references standard secret management practices (e.g., verifying credentials) as prerequisites.
[REMOTE_CODE_EXECUTION]: The Python scripts provided are boilerplate templates using only standard libraries. They do not download or execute remote code from external sources.
[INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to process untrusted database configurations and scan results. However, the provided templates do not currently implement any unsafe interpolation or execution of processed data. Standard precautions are recommended when the agent interprets output from external database tools.

scanning-database-security