frontend-backend-integration

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
Full Analysis
  • PROMPT_INJECTION (SAFE): No instructions found that attempt to override system safety guidelines, bypass constraints, or extract system prompts. The instructional tone is strictly focused on development tasks.
  • DATA_EXFILTRATION (SAFE): The skill does not access sensitive credential files (e.g., ~/.aws/credentials, ~/.ssh). While it reads project-specific configuration files (like config.py), it does so to verify local environment settings (host/port) without transmitting this data to external domains.
  • REMOTE_CODE_EXECUTION (SAFE): The skill does not perform any remote downloads or execution of external scripts (no curl|bash patterns). It suggests standard local tools like Postman or curl for manual testing by the user.
  • OBFUSCATION (SAFE): No evidence of Base64 encoding, zero-width characters, homoglyphs, or other techniques used to hide malicious intent or code.
  • INDIRECT_PROMPT_INJECTION (SAFE): Although the skill has the surface area to read untrusted code from a repository (Ingestion points: project files in backend/ and frontend/ via Read/Glob/Grep tools), it contains no automated execution of the content read. The capabilities (Bash, Write) are intended for local debugging within the user's project context. There is no evidence of the skill aggregator making autonomous decisions based on untrusted inputs that would lead to high-risk behaviors.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 05:34 PM