The Agent Skills Directory

Prompt Injection (SAFE): No attempts to bypass agent constraints or override system instructions were found. The instructional content is strictly technical.
Data Exposure & Exfiltration (SAFE): The skill correctly advises using environment variables for Cloudflare credentials. No suspicious network calls or exfiltration patterns are present. External links point to trusted official documentation and GitHub repositories.
Obfuscation (SAFE): No Base64, zero-width characters, or other encoding techniques are used to hide content. All code and scripts are transparent and human-readable.
Dependencies & RCE (LOW): The skill references standard Node.js packages (drizzle-orm, hono, wrangler). While the version numbers in the templates (e.g., v0.44.7) are future-dated and likely hallucinated by the content generator, they refer to legitimate packages from trusted sources. The included shell script for version checking is benign.
Indirect Prompt Injection (SAFE): The skill provides templates for building applications that handle external data, but it consistently implements security best practices such as parameterized queries and type-safe relational APIs to prevent injection vulnerabilities in the resulting apps.
Dynamic Execution (SAFE): No use of unsafe functions like eval() or dynamic script generation from untrusted sources was detected.

drizzle-orm-d1