idempotency-handling

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [Indirect Prompt Injection] (SAFE): The skill handles untrusted external input (headers and request bodies) using secure methods. Evidence: Implementation uses parameterized SQL queries ($1, $2) and SHA-256 hashing for payload verification, preventing data from being interpreted as commands. Boundary markers are not strictly necessary as this is a code template demonstrating safe interpolation techniques.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The code references standard libraries like 'redis' and 'crypto'. No remote scripts are downloaded or executed, and no suspicious third-party packages are required.
  • [Data Exposure & Exfiltration] (SAFE): The skill focuses on legitimate state management in Redis and local databases. Analysis confirms no access to sensitive system files (e.g., .ssh, .env) or unauthorized network exfiltration attempts.
  • [Privilege Escalation] (SAFE): No commands for elevating privileges (sudo, chmod 777) or modifying system-level configurations were found.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 01:17 AM