The Agent Skills Directory

Category 4: Unverifiable Dependencies (SAFE): The skill references standard, well-known libraries such as fastapi, pydantic, uvicorn, and aiodataloader within its templates and examples. No suspicious or unversioned external packages are being installed.
Category 2: Data Exposure (SAFE): No hardcoded credentials or sensitive file paths were detected. The JWT tokens and email addresses used in the documentation and mock implementations are clearly placeholders for educational purposes.
Category 10: Dynamic Execution (SAFE): The provided Python template (assets/rest-api-template.py) uses static route definitions and Pydantic models for request validation, avoiding unsafe dynamic execution or deserialization patterns.
Category 8: Indirect Prompt Injection (LOW): The skill defines several data ingestion points via API endpoint templates. While these are surfaces for untrusted data, the code includes Pydantic schema validation as a boundary marker and contains no dangerous capabilities (like file system writes or command execution) that could be exploited by malicious inputs.

api-design-principles