blueprint-feature-tracker-sync
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, such as direct prompt injection, data exfiltration, or obfuscation, were detected. The skill focuses on local file synchronization tasks and uses a human-in-the-loop approach for resolving data conflicts.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute `jq` for structured JSON manipulation and `sha256sum` for file integrity checks. These operations are limited to the local project workspace and follow secure practices for data handling (e.g., using `--arg` in jq).
- [PROMPT_INJECTION]: No direct prompt injection or safety bypass attempts were found. The skill was evaluated for indirect injection vulnerability surface: 1. Ingestion points: `TODO.md` and `feature-tracker.json`. 2. Boundary markers: None present. 3. Capability inventory: `Bash` tool (jq, mv, sha256sum). 4. Sanitization: The use of `jq` for all data processing tasks provides robust protection against shell injection compared to manual string interpolation. The overall risk is assessed as safe.
Audit Metadata