The Agent Skills Directory

[Prompt Injection] (SAFE): The skill uses instructional language consistent with its role as a Data Migration Expert. No attempts to bypass safety filters or extract system instructions were found.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns were detected. The skill provides SQL templates for the user to run manually but does not automate data access or transmission.- [Remote Code Execution & Dependencies] (SAFE): No external package installations or remote script executions (e.g., curl | bash) are present. The skill is entirely markdown-based.- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted data from pull requests and migration code, which is a potential injection surface. However, the risk is minimal as the skill lacks executable capabilities. Evidence Chain: 1. Ingestion points: Pull Request descriptions and migration source code. 2. Boundary markers: Absent. 3. Capability inventory: Analytical review and text generation only; no file-writing or subprocess capabilities. 4. Sanitization: Absent.- [Persistence & Privilege Escalation] (SAFE): No commands related to system persistence, credential harvesting, or unauthorized privilege acquisition (like sudo) were identified.- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were found in the file.

data-migration-expert