The Agent Skills Directory

[NO_CODE] (SAFE): The skill consists entirely of Markdown-based documentation and YAML configuration templates for guidance. No executable scripts (Python, JavaScript, or Shell) are present. \n- [EXTERNAL_DOWNLOADS] (LOW): The skill contains references to official documentation and the repository github.com/anthropics/claude-code. Per [TRUST-SCOPE-RULE], this is a Trusted External Source and the finding is downgraded. The links are informational and do not involve automated runtime downloads or execution. \n- [PROMPT_INJECTION] (SAFE): No patterns of instruction override, safety bypass, or role-play jailbreaks were detected. The use of the 'IMPORTANT' keyword is confined to benign workflow coordination. \n- [DATA_EXFILTRATION] (SAFE): No commands or instructions related to sensitive file access (e.g., credentials, SSH keys) or external data transmission were identified. \n- [INDIRECT_PROMPT_INJECTION] (INFO): As a documentation-focused skill, it lacks the attack surface for indirect injection since it does not ingest or process external untrusted data dynamically.

claude-ecosystem