The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes user-provided architectural plans and queries, creating a surface for indirect prompt injection. Evidence Chain: 1. Ingestion points: User queries and planning context (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: None (text-only reasoning). 4. Sanitization: Absent. The impact is restricted to local reasoning influence.
[SAFE] (SAFE): No other malicious patterns, such as remote code execution, obfuscation, or data exfiltration, were detected in the skill definition.

devils-advocate