The Agent Skills Directory

[SAFE]: The skill operates within a defined project directory (.pawbytes) to manage campaign assets and configurations, following best practices for local tool scoping.
[COMMAND_EXECUTION]: The skill utilizes ffprobe to validate video metadata such as codec, resolution, and duration. This is a standard and expected operation for a media-focused quality control tool and does not involve arbitrary command execution.
[DATA_EXPOSURE]: No evidence of sensitive data exfiltration or hardcoded credentials was found. The skill interacts exclusively with local project files, brand guidelines, and shared agency memory to perform its functions.
[INDIRECT_PROMPT_INJECTION]: The skill processes external data from JSON manifests and brand guidelines. While this represents an ingestion surface for untrusted data, the skill's actions are restricted to generating Markdown reports and updating campaign status files, which minimizes the risk of exploitable behavior.

paw-cra-quality-control