The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or unauthorized data access techniques were identified. The content is consistent with its stated purpose of assisting with compliance audits.
[PROMPT_INJECTION]: An indirect prompt injection surface is present in the documented testing templates. Ingestion points: Data returned from /data-export and /patients/123 API calls as described in SKILL.md. Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are defined in the code snippets. Capability inventory: The skill utilizes database queries (db.users.findOne, db.raw) and API interactions (api.post) as documented in SKILL.md. Sanitization: No input validation or escaping mechanisms are demonstrated in the example code.

qe-compliance-testing