running-design-reviews

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • [SAFE]: The skill consists entirely of Markdown templates and instructions. No executable code or scripts are present across the 14 files analyzed.
  • [DATA_EXFILTRATION]: No network operations (e.g., curl, wget) or sensitive file access patterns (e.g., .ssh, .aws) were detected. The skill includes specific instructions in the intake process and quality checklists to avoid requesting or recording secrets and credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing untrusted data.
      1. Ingestion points: External links or screenshots of design artifacts (SKILL.md).
      2. Boundary markers: Absent.
      3. Capability inventory: No scripts, subprocess calls, or dangerous capabilities exist in the skill pack.
      4. Sanitization: No automated sanitization is performed.
    This surface is considered safe because the agent lacks the tools or permissions required to perform malicious actions even if instructions were embedded in the design artifacts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 09:44 AM