skill-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No patterns of instruction override, role-play injection, or safety filter bypass were detected.
- Data Exposure & Exfiltration (SAFE): The packaging script reads local files to create archives but does not target sensitive system paths (like ~/.ssh) or perform network operations.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The provided scripts use standard Python libraries (sys, os, re, zipfile, pathlib); no external packages are installed or executed.
- Command Execution (SAFE): No automated execution of dangerous shell commands was found; shell examples in the documentation are for manual user/agent reference only.
- Obfuscation (SAFE): No use of Base64, zero-width characters, or homoglyphs to hide malicious intent was found.
- Indirect Prompt Injection (SAFE): The skill has a minimal attack surface through file system interactions.
  1. Ingestion points: scripts/package_skill.py and scripts/quick_validate.py read files from user-specified directories.
  2. Boundary markers: Absent.
  3. Capability inventory: Local file reading and zip archive creation.
  4. Sanitization: Path existence checks and regex-based frontmatter validation. No untrusted content is interpolated into agent instructions or executable contexts.
Audit Metadata