
agent-researcher

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE (finding category: COMMAND_EXECUTION)
Full Analysis
  • [SAFE]: The skill uses standard command-line tools like grep and glob to perform its intended research functions without any identified security risks.
  • [COMMAND_EXECUTION]: File system exploration is performed using benign utilities for searching and reading files (e.g., grep, glob, read, head). No privilege escalation, unauthorized persistence, or dangerous shell commands were found.
  • [DATA_EXFILTRATION]: Data handling is restricted to internal memory management (memory_store, memory_search) and specific MCP tool integrations. There is no evidence of sensitive data (like SSH keys or AWS credentials) being accessed or transmitted to unauthorized external endpoints.
  • [PROMPT_INJECTION]: The instructions establish a professional research persona and do not include directives to ignore safety protocols, bypass restrictions, or reveal system prompts.
  • [PROMPT_INJECTION]: While the skill exhibits an inherent surface for indirect prompt injection by ingesting untrusted external data (codebases, documentation, PRs), there are no indications of malicious intent or exploitable patterns in the skill's logic. The ingestion points include file reads and git history, with coordination handled through designated memory namespaces.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 04:33 PM