The Agent Skills Directory

[SAFE]: The skill provides architectural guidance and code templates for Repository, Service Layer, and Middleware patterns.
[SAFE]: Code examples follow standard security practices, including token-based authentication and authorization using environment variables for secrets.
[SAFE]: No malicious patterns such as hardcoded credentials, unauthorized network calls, or obfuscated instructions were detected.
[PROMPT_INJECTION]: The skill defines patterns for processing data from external API requests, which identifies an attack surface for indirect prompt injection. Although present, the risk is mitigated by the recommendation of schema-based validation.
Ingestion points: API handlers in SKILL.md ingest data from req.headers.authorization and request.json().
Boundary markers: No explicit delimiters or boundary markers are defined in the provided templates to isolate untrusted data.
Capability inventory: The templates describe capabilities for database interactions (Supabase), caching (Redis), and network responses (NextResponse) in SKILL.md.
Sanitization: The documentation suggests using Zod for input validation within its error handling section in SKILL.md.

backend-patterns