The Agent Skills Directory

[SAFE]: The skill consists entirely of natural language instructions and procedural guidance. It does not include any executable scripts, binaries, or complex automation code.
[PROMPT_INJECTION]: Analysis of the text content found no attempts to bypass safety filters, override system instructions, or extract system prompts. The language is consistently focused on the stated task of TCG collection management.
[EXTERNAL_DOWNLOADS]: The skill suggests using established and well-known services for pricing data, such as TCGPlayer, CardMarket, eBay, and PSA. These are industry-standard resources and do not represent a security risk in this context. No automated remote code execution or suspicious downloads are present.
[DATA_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file path access, or unauthorized network operations was found. The skill operates on card collection data provided by the user.
[INDIRECT_PROMPT_INJECTION]: While the skill utilizes WebFetch and WebSearch to retrieve pricing data (ingestion points), it lacks high-privilege capabilities such as shell access or file writing that would be necessary for a successful exploit. The risk is negligible as it targets well-known pricing platforms.

manage-tcg-collection