The Agent Skills Directory

[SAFE]: The skill is well-structured and focuses entirely on the logical process of requirement gathering and documentation. No malicious patterns were identified across any analyzed files.
[DATA_EXPOSURE]: The skill defines a clear output path for its artifacts (docs/requirements-planning/). This is standard behavior for documentation agents and does not involve accessing sensitive system files or environment variables.
[COMMAND_EXECUTION]: No suspicious shell commands or privilege escalation attempts were detected. The only command mentioned is a standard installation instruction in the README.
[REMOTE_CODE_EXECUTION]: The skill does not perform remote downloads or execute code from external sources. URLs included in the metadata are for attribution to the original methodologies and repositories the skill is based on.
[PROMPT_INJECTION]: The skill includes strong negative constraints ("HARD-GATE") that prevent the agent from jumping to design or implementation phases prematurely. There are no instructions that attempt to bypass safety filters or override system-level instructions.
[INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted user data (ideas and feature requests) and writes this to local files. However, the diagnostic process requires the agent to transform and validate this data through a specific schema (RA0-RA5), which acts as a natural buffer against raw instruction injection from the input.

analyze-requirements