react-flow-node-ts

Pass

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: LOW

NO_CODE
Full Analysis

The skill consists of a main markdown file (SKILL.md) providing instructions and two template files (assets/template.tsx, assets/types.template.ts) for React Flow node components, along with an acceptance criteria document (references/acceptance-criteria.md).

  1. Prompt Injection: No patterns indicative of prompt injection were found in any of the files. The skill's purpose is to provide code templates, not to be an interactive agent susceptible to injection.
  2. Data Exfiltration: No commands or code snippets were found that attempt to read sensitive files, access environment variables, or send data to external servers. The skill is purely instructional and templating.
  3. Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected in any of the files.
  4. Unverifiable Dependencies: The skill itself does not install or execute any external dependencies. The provided code templates reference standard, well-known libraries like @xyflow/react and zustand, which are dependencies for the user's project where the templates would be used, not for the skill itself. Therefore, this category is not applicable to the skill's direct execution.
  5. Privilege Escalation: No commands or instructions were found that attempt to escalate privileges (e.g., sudo, chmod 777, system file modifications).
  6. Persistence Mechanisms: No attempts to establish persistence (e.g., modifying shell profiles, creating cron jobs, systemd services) were found.
  7. Metadata Poisoning: The name and description fields in SKILL.md are benign and accurately reflect the skill's purpose.
  8. Indirect Prompt Injection: This skill does not process external user input in a way that would make it susceptible to indirect prompt injection.
  9. Time-Delayed / Conditional Attacks: No conditional logic for malicious actions based on time, usage, or environment was found.

Conclusion: The skill is entirely descriptive and provides code templates. It does not execute any commands or scripts, nor does it interact with the file system or network in a malicious way. It is a 'no-code' skill in terms of its own execution, making it inherently safe.

Audit Metadata

Risk Level: LOW
Analyzed: Feb 12, 2026, 11:52 PM