project-bootstrapper

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (SAFE): No instructions to bypass safety filters or override agent behavior were detected in the skill markdown.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network exfiltration patterns were identified.
  • Obfuscation (SAFE): The content is clear and uses no hidden characters, Base64 encoding, or other obfuscation techniques.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download or execute code from external or untrusted sources.
  • Indirect Prompt Injection (LOW): The skill exhibits an attack surface for indirect prompt injection.
      • Ingestion points: The agent reads existing project files via Read and Glob tools during the Discovery and Implementation phases.
      • Boundary markers: There are no instructions to use delimiters or 'ignore embedded instructions' warnings for the data being read.
      • Capability inventory: The skill has access to powerful tools including Bash, Write, and Edit, which could be exploited by malicious content in a processed file.
      • Sanitization: No content sanitization or validation logic is specified for ingested data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:49 PM