aif-security-checklist

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash(npm audit) and Bash(grep *) to perform local security audits on the codebase. It also provides a script audit.sh which executes standard grep commands to find secrets, environment file leaks, and console logs. These are standard security auditing operations.
  • [PROMPT_INJECTION]: While the skill contains instructional text like 'Ignore previous instructions' within references/PROMPT-INJECTION.md, this is documentation of attack patterns intended to educate the user on how to prevent them, rather than an attempt to hijack the agent. The skill itself provides defensive boundaries and sanitization recommendations.
  • [EXTERNAL_DOWNLOADS]: The skill mentions external tools like npm audit, pip-audit, and cargo audit. These are well-known security tools from official package managers and are used for their intended purpose of vulnerability scanning.
  • [DATA_EXFILTRATION]: There is no evidence of data exfiltration. The network-related advice (like checking HaveIBeenPwned) and local script execution are focused on internal security posture without unauthorized external transmission.
  • [CREDENTIALS_UNSAFE]: The skill provides examples of hardcoded secrets (e.g., sk_live_abc123) explicitly as 'What not to do' examples (marked with ❌). No actual credentials for the author or target system are exposed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 01:48 PM