The Agent Skills Directory

[SAFE]: The skill consists of documentation and reference code snippets designed to improve the security of AI-powered applications. It does not contain executable logic that runs during installation or usage.
[PROMPT_INJECTION]: The skill documents common prompt injection patterns (e.g., 'ignore previous instructions') and system prompt extraction techniques. These are used exclusively as examples for implementing defensive measures, such as 'guardian models' and 'input boundary markers', and do not represent an attack vector within the skill itself.
[DATA_EXFILTRATION]: No patterns of unauthorized data access or transmission were found. Code examples illustrate secure handling of sensitive information using environment variables and server-side response scrubbing to redact potential secrets (e.g., API keys) from output streams.
[REMOTE_CODE_EXECUTION]: No remote code execution patterns or unverified dependencies were detected. The skill references well-known, industry-standard libraries for validation and sanitization, such as Zod and DOMPurify.
[COMMAND_EXECUTION]: Examples that discuss executing system commands or database queries emphasize strict security controls, including parameterized queries, command allowlisting, and mandatory human-in-the-loop approval gates.

secure-ai