The Agent Skills Directory

[Prompt Injection] (SAFE): No malicious instructions, DAN patterns, or attempts to override AI safety filters were detected in the instructions.
[Data Exposure & Exfiltration] (SAFE): No sensitive file access or network exfiltration logic. The credential-related patterns in references/validations.md are regex rules used for detecting issues in user code, not hardcoded secrets.
[Obfuscation] (SAFE): No Base64, zero-width characters, or other encoding techniques are used to hide content.
[Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install external packages or execute remote scripts.
[Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted data (user code). 1. Ingestion points: Code snippets or files provided by users for tech debt review. 2. Boundary markers: Absent; no specific delimiters or ignore-instructions are defined for the analyzed content. 3. Capability inventory: No dangerous capabilities (shell access, file-write, or network requests) were identified. 4. Sanitization: Absent; the skill performs direct regex matching on raw input.
[Dynamic Execution] (SAFE): No runtime code generation, unsafe deserialization, or library injection techniques are present.

tech-debt-manager