env-validator

Fail

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: HIGH (DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to locate and read sensitive environment configuration files such as .env, .env.production, .env.local, and .env.development. These files typically contain sensitive secrets, API keys, and database credentials.
  • [CREDENTIALS_UNSAFE]: The report generation phase provides an example of a remediation step that includes hardcoded credentials (postgresql://user:pass@localhost:5432/dbname). This encourages the placement or output of plain-text credentials in validation reports or chat logs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources (project .env files and source code).
    • Ingestion points: Processes .env files, .env.example, and source code files during discovery and validation phases (SKILL.md, Phase 1 and 3).
    • Boundary markers: No specific boundary markers or instructions are provided to the agent to ignore or isolate potential instructions embedded in the files being scanned.
    • Capability inventory: The skill uses file-read and grep capabilities to scan the filesystem (SKILL.md, Phase 1).
    • Sanitization: There is no mention of escaping, filtering, or validating the content of the files before processing or including them in the final report.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 12, 2026, 06:25 AM