build-report

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security concerns or malicious patterns were identified across the 12 analyzed files.
  • [PROMPT_INJECTION]: The instructions do not attempt to override AI safety filters, ignore prior rules, or extract system prompts. The role definitions for sub-agents are task-specific and benign.
  • [DATA_EXFILTRATION]: No sensitive file paths (e.g., SSH keys, environment variables) or hardcoded credentials were found. All network-related content consists of documentation links to official technology domains (e.g., typescriptlang.org, eslint.org, webpack.js.org, vitejs.dev), which are well-known and trusted sources.
  • [REMOTE_CODE_EXECUTION]: The skill does not implement any remote code execution, dynamic script loading, or package installation at runtime.
  • [COMMAND_EXECUTION]: No dangerous shell commands, privilege escalation (sudo/chmod), or persistence mechanisms were detected. System operations are limited to orchestrating sub-skills through the Task tool for text processing.
  • [SAFE]: Although the skill processes untrusted external data (build logs), which constitutes an indirect prompt injection surface, it lacks the exploitable capabilities (such as file writes or arbitrary code execution) necessary to facilitate an attack.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 10:38 AM