github-actions-pipeline-creator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No instructions designed to bypass agent safety filters or override system prompts were identified in the documentation or templates.
  • [Data Exposure & Exfiltration] (SAFE): The workflow templates correctly demonstrate using GitHub Secrets (e.g., ${{ secrets.VERCEL_TOKEN }}) for sensitive credentials. No hardcoded secrets or unsafe data handling patterns were detected.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references common and official GitHub Actions (e.g., actions/checkout, docker/build-push-action). While it includes a third-party action (amondnet/vercel-action), this is provided as a documentation template and is not executed by the skill itself.
  • [Dynamic Execution] (SAFE): The templates include the actions/github-script action, which is a standard method for interacting with the GitHub API. The implementation shown uses safe, system-provided variables and does not interpolate untrusted external data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:54 PM