The Agent Skills Directory

[Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety guidelines, or extract system prompts were detected in the markdown files or metadata.
[Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local file paths (e.g., ~/.ssh, .env) or include hardcoded credentials. All URLs used in code snippets are placeholders (api.example.com).
[Obfuscation] (SAFE): No Base64, zero-width characters, homoglyphs, or encoded commands were identified in the skill body or references.
[Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard .NET packages (NBomber, NBomber.Http) from established registries. There is no evidence of piped remote script execution or execution of untrusted remote code.
[Indirect Prompt Injection] (SAFE): The skill ingests user-provided technical requirements to generate plans. While this is an attack surface, the skill lacks automated execution chains for this data, and the documentation contains no malicious payloads targeting the agent.
[Dynamic Execution] (SAFE): C# code blocks are provided as static reference examples for the user. No unsafe deserialization (e.g., pickle, unsafe yaml) or runtime code compilation from untrusted inputs is present.
[Privilege Escalation & Persistence] (SAFE): No commands involving sudo, chmod 777, or modification of system startup scripts were found.

performance-test-planning