The Agent Skills Directory

Prompt Injection (SAFE): The instructions in SKILL.md and supporting files focus exclusively on routing and formatting design advice. There are no patterns attempting to bypass safety filters or override system instructions.
Data Exposure & Exfiltration (SAFE): No sensitive file paths, hardcoded credentials, or network-enabled commands (like curl or wget) are present in the skill files.
Obfuscation (SAFE): All content is provided in clear-text Markdown. No Base64, zero-width characters, or encoded strings were found.
Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any package manifests (package.json, requirements.txt) or commands that download and execute remote scripts.
Privilege Escalation & Persistence (SAFE): No commands related to system permissions (sudo, chmod) or persistence mechanisms (cron, bashrc) were detected.
Indirect Prompt Injection (SAFE): While the skill processes user requests about game design, it functions as a static reference library and does not ingest untrusted external data from APIs or web scraping that could lead to injection attacks.

game-design-compass