frappe-core-permissions

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of educational documentation and code examples for the Frappe Framework. It does not include malicious scripts or unauthorized data access patterns.
  • [DATA_EXFILTRATION]: The documentation includes instructions on using framework features like ignore_permissions and frappe.set_user("Administrator"). These are correctly presented as tools for system-level operations, accompanied by explicit requirements for documentation and security warnings (found in SKILL.md and references/permission-api-reference.md).
  • [INDIRECT_PROMPT_INJECTION]: The skill describes an architecture for custom database hooks that process session-based user data.
      1. Ingestion points: user session identifiers processed in has_permission and permission_query_conditions hooks (documented in references/permission-hooks-reference.md).
      2. Boundary markers: the documentation mandates the use of frappe.db.escape() and table-name prefixing for all custom query conditions.
      3. Capability inventory: ability to modify database query result sets and implement custom access-denial logic.
      4. Sanitization: all examples and guidelines require input escaping via frappe.db.escape() to prevent SQL injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 10:43 AM