documentation-production
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses natural instructional language and clear workflow definitions. There are no attempts to override system prompts, bypass safety filters, or use role-play to escape constraints.
- Data Exposure & Exfiltration (SAFE): While the skill reads project source code to generate documentation, it does so using standard tools within the agent's environment. No hardcoded credentials, sensitive file path targeting (like .ssh or .aws), or suspicious network operations were found.
- Obfuscation (SAFE): All markdown files and instructions are in plain text. No Base64, zero-width characters, or other encoding techniques were used to hide content.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not perform any external package installations (npm/pip) or execute remote scripts via curl/wget. It relies on internal subagents and standard MCP tools.
- Indirect Prompt Injection (LOW): The skill processes untrusted project data to generate documentation, creating a potential surface for indirect injection if the source code contains malicious instructions.
  - Ingestion points: Read, Grep, and Glob tools are used to ingest file content from the local repository (e.g., references/generate.md).
  - Boundary markers: No specific boundary markers or 'ignore' instructions for the ingested code are defined in the workflow.
  - Capability inventory: The skill uses the Write tool to create or update documentation files based on the processed data.
  - Sanitization: No explicit sanitization or escaping of the ingested code content is mentioned before it is processed into documentation.
- Dynamic Execution (SAFE): The skill does not use runtime compilation, self-modifying code, or unsafe deserialization. It primarily focuses on text transformation and documentation generation.
Audit Metadata