opus-4-7-migration

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The core logic in scripts/scan.py performs static analysis of local files within a user-specified directory. It uses regular expressions to find patterns and does not execute the files it scans or perform any network requests.
  • [SAFE]: The skill does not rely on external dependencies or third-party packages, which minimizes supply chain risks. All Python imports are from the standard library (argparse, json, re, sys, pathlib).
  • [SAFE]: No evidence of prompt injection or instructions to bypass safety guidelines was found. The instructions and evaluation cases are focused strictly on the migration scanning task.
  • [SAFE]: The scanner does not have capabilities for command execution (e.g., subprocess, os.system), privilege escalation (e.g., sudo), or persistence. It operates with the least privilege necessary to read files and output a report to stdout.
  • [SAFE]: While the skill ingests untrusted data from a repository, it does not use this data to dynamically generate instructions or commands. The lack of dangerous capabilities like network access or file writing prevents exploitation via indirect prompt injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 11:55 PM