The Agent Skills Directory

[Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety filters, or extract system prompts were detected in the documentation or configuration files.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or access to sensitive local file paths (e.g., SSH keys, AWS credentials) were found. No network operations or exfiltration patterns were detected.- [Obfuscation] (SAFE): The skill contains clear, readable code and documentation. No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were identified.- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download or execute remote scripts. It does not install external packages at runtime.- [Privilege Escalation] (SAFE): No commands for acquiring elevated privileges, such as sudo, or modifying system-level configurations were detected.- [Persistence Mechanisms] (SAFE): No attempts to establish persistence through shell profiles, cron jobs, or system services were found.- [Metadata Poisoning] (SAFE): Metadata fields like name and description are descriptive and do not contain deceptive instructions or injection patterns.- [Indirect Prompt Injection] (SAFE): The skill lacks an untrusted data ingestion surface; it only processes local configuration and structure, posing no risk of indirect injection.- [Time-Delayed / Conditional Attacks] (SAFE): No logic gating behavior based on specific dates, times, or environmental conditions was found.- [Dynamic Execution] (SAFE): No runtime code generation (eval/exec) or unsafe deserialization (e.g., pickle) was detected. The validation script uses the secure yaml.safe_load() method.

growth-development