The Agent Skills Directory

[SAFE]: The skill provides educational content and usage templates for a legitimate security utility. It does not contain any executable scripts, hidden logic, or malicious code.
[COMMAND_EXECUTION]: Multiple command templates are provided for the age and age-keygen binaries. These are intended to be executed by the user to perform standard encryption tasks.
[EXTERNAL_DOWNLOADS]: The skill references a command to fetch public keys from GitHub (github.com), which is a well-known service. This is a standard practice for identifying encryption recipients and is documented neutrally.
[DATA_EXFILTRATION]: The documentation references sensitive file paths such as ~/.ssh/id_ed25519 and ~/.age/key.txt. These references are illustrative and required for the core function of decrypting files using existing identities.
[PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill is designed to handle arbitrary file content:
Ingestion points: User-provided files (plaintext.txt, encrypted.age) and environment configuration files (.env) referenced in SKILL.md and cheatsheet.md.
Boundary markers: None identified; commands process file paths directly.
Capability inventory: Binary execution of age and age-keygen as listed in SKILL.md.
Sanitization: None; input is treated as raw data for cryptographic operations.

age