The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted external code from local paths and GitHub repositories.
Ingestion points: The /analyze-repo command accepts local file paths and remote GitHub URLs for analysis.
Boundary markers: No specific delimiters or instructions to ignore embedded commands are described in the documentation to prevent the model from obeying instructions hidden in analyzed code.
Capability inventory: The tool performs deep analysis across multiple dimensions (SQALE, OWASP, architecture), which involves processing and reasoning over potentially malicious third-party content.
Sanitization: The documentation does not specify methods for sanitizing or escaping the content of analyzed repositories before it is processed by the AI.
[Prompt Injection] (SAFE): No direct prompt injection attempts or system prompt overrides were detected in the documentation text.
[Obfuscation] (SAFE): No base64, zero-width characters, or other encoding techniques were used to hide content.
[No Code] (SAFE): The provided file is a README.md containing documentation only; no actual implementation scripts or logic were provided for analysis.

analyze-repo