system-designer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and validate user-provided code snippets. This ingestion point creates a surface where embedded instructions in code could attempt to influence agent behavior. However, the skill lacks dangerous capabilities (network access, file writing, shell execution) to exploit this surface. Evidence: 1. Ingestion points: User code in .ts, .js, .py files. 2. Boundary markers: Absent. 3. Capability inventory: None. 4. Sanitization: Absent.
  • [Prompt Injection] (SAFE): Instructions are standard for defining a persona and do not include patterns for bypassing safety filters or extracting system prompts.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file access was found. The regex patterns in validations.md are diagnostic tools for identifying bad coding practices, not for data collection.
  • [Remote Code Execution] (SAFE): The skill contains no executable code, external dependencies, or remote script download patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:13 PM