dify-workflow-builder

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected across the skill's instructional content or reference materials. The skill focuses on providing accurate DSL schema information derived from Dify's source code models.
  • [COMMAND_EXECUTION]: The included utility script scripts/validate_workflow.py uses yaml.safe_load(), ensuring that DSL validation is performed without the risk of arbitrary code execution from malicious YAML files.
  • [CREDENTIALS_UNSAFE]: All credentials found in the documentation and workflow templates (such as sk-... or {api_key}) are generic placeholders used for demonstration purposes and do not represent actual secrets.
  • [INDIRECT_PROMPT_INJECTION]: As a workflow generator, the skill creates configurations (Dify DSL) from natural language descriptions. This establishes a potential indirect prompt injection surface where unvalidated user input could be embedded into generated code or HTTP request nodes. However, the skill facilitates safe generation by providing a strict structural validator and predefined templates that enforce standard Dify node configurations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 07:31 AM