The Agent Skills Directory

[Prompt Injection] (SAFE): No override markers, role-play injections, or instructions to ignore safety guidelines were detected.
[Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or access to sensitive local file paths (like SSH keys or AWS configs) were found. No network exfiltration patterns are present.
[Obfuscation] (SAFE): The content is clear and readable with no signs of Base64 encoding, zero-width characters, or homoglyph attacks.
[Unverifiable Dependencies & Remote Code Execution] (SAFE): The example code uses the 'datasets' library, which is a standard package for handling HuggingFace datasets. There are no patterns involving piped remote execution (curl|bash) or suspicious package installations.
[Privilege Escalation & Persistence] (SAFE): No commands involving sudo, chmod, or modifications to shell startup profiles/crontabs were identified.
[Indirect Prompt Injection] (LOW): While the skill involves ingesting untrusted data (datasets), the primary purpose is token counting. There is a inherent surface for indirect injection, but the risk is minimal given the specialized use-case and lack of sensitive output capabilities documented in the skill.

count-dataset-tokens