The Agent Skills Directory

[PROMPT_INJECTION]: The skill defines defensive patterns to detect and mitigate malicious overrides from external data sources. Files such as references/security-patterns.md and assets/HEARTBEAT.md list injection strings specifically for detection and auditing purposes, reinforcing the agent's instructions to treat untrusted content as data rather than commands.
[COMMAND_EXECUTION]: The skill includes a shell script (scripts/security-audit.sh) designed to help the agent or user perform local security hygiene. This script checks file permissions for credential directories and scans for accidentally hardcoded secrets without performing any external network operations.
[DATA_EXFILTRATION]: The framework incorporates comprehensive context leakage prevention guidelines. It instructs the agent to vet external skill sources and warns against connecting to untrusted agent-to-agent communication networks that may harvest private user data.
[CREDENTIALS_UNSAFE]: Guideline documents such as assets/TOOLS.md and references/security-patterns.md promote secure secret management practices, advising the use of gitignored directories and restrictive file permissions (chmod 600) for storage.

proactive-agent