The Agent Skills Directory

[SAFE]: Analysis of the skill instructions, metadata, and dependencies reveals no evidence of malicious intent, obfuscation, or unauthorized data access. The use of standard tools like Flyway and Liquibase is consistent with the skill's stated purpose.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted business logic artifacts to generate functional code and database scripts. Ingestion points: BusinessSemanticsArtifact in SKILL.md. Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are defined for the input data. Capability inventory: The skill can generate Java source files for Controllers, Services, Repositories, and Entities, as well as SQL migration scripts. Sanitization: No input validation or sanitization mechanisms are described for the processed business models.

modernization-generator