The Agent Skills Directory

[SAFE]: The skill implements legitimate privacy compliance workflows using standard libraries and secure coding practices.
[DATA_EXFILTRATION]: The tool is designed to identify and process PII across local files and databases. Exfiltration risk is mitigated by performing all operations locally, redacting passwords from connection strings, and generating local audit logs.
[COMMAND_EXECUTION]: Database discovery logic utilizes parameterized query generation and validates table and field names against a strict regex pattern (^[a-zA-Z_][a-zA-Z0-9_.]*$) to prevent SQL injection.
[PROMPT_INJECTION]: The skill processes untrusted data from external sources (files and databases) which presents a surface for indirect prompt injection.
Ingestion points: Files are read via PIIDiscoveryEngine.scan_files and database records are prepared via PIIDiscoveryEngine.scan_database.
Boundary markers: Discovered content is processed directly by the analysis engines without explicit delimiters.
Capability inventory: The skill performs local file writes for logs and output packages using Path.write_text. It contains no subprocess execution or remote network exfiltration capabilities.
Sanitization: SQL identifiers are regex-validated and connection strings are redacted. No sanitization is performed on the unstructured text of scanned files.

implementing-gdpr-data-subject-access-request