The Agent Skills Directory

[Indirect Prompt Injection] (INFO): The skill defines a surface for processing untrusted user code and symptoms (Ingestion points: SKILL.md 'Code involved' and 'Symptoms' fields). While it lacks boundary markers, the capability inventory is empty because the skill is purely instructional markdown with no subprocess, network, or file-write calls. It encourages manual removal of PII and credentials.
[SAFE] (SAFE): Static analysis confirms the skill consists entirely of markdown instructions and code templates. There are no executable scripts, hardcoded secrets, or remote downloads detected.

reproduction-builder