turborepo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to bypass safety filters or override system prompts were found. The 'command/turborepo.md' file uses structured instructional language to guide the agent without aggressive override markers.
- Data Exposure & Exfiltration (SAFE): The documentation uses generic placeholders for sensitive items like API_KEY and TURBO_TOKEN. No hardcoded credentials or commands to exfiltrate sensitive files (e.g., SSH keys or AWS credentials) were detected.
- Obfuscation (SAFE): No Base64-encoded strings, zero-width characters, homoglyphs, or other obfuscation techniques were identified across any of the 27 files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, well-known developer tools and registries (npm, pnpm, npx, Turborepo). No suspicious remote script downloads or piped execution patterns (e.g., curl | bash) are present.
- Privilege Escalation & Persistence (SAFE): There are no commands attempting to gain administrative privileges (sudo) or establish persistence via system configurations or shell profiles.
- Indirect Prompt Injection (LOW): While the skill processes user requests via $ARGUMENTS to generate configuration, it uses boundary markers (<user-request>) and provides strict structural rules (e.g., 'DO NOT create Root Tasks') to guide the agent toward safe output. Following the mandatory evidence chain: 1. Ingestion: $ARGUMENTS in command/turborepo.md. 2. Boundaries: Present as XML-like tags. 3. Capability: Creating configuration/scripts. 4. Sanitization: Relies on LLM guardrails and structural rules. Severity remains LOW as this is standard for agentic tools.