convention-refactor
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to guide code refactoring based on established architectural patterns. It emphasizes preserving business logic while improving code structure.
- [DATA_EXFILTRATION]: No exfiltration patterns were found. The security conventions explicitly forbid storing authentication tokens in local storage, recommending memory-scoped variables for access tokens and HttpOnly cookies for refresh tokens.
- [PROMPT_INJECTION]: The skill uses detailed instructional language to define its scope. No override commands or safety bypass instructions were detected in the prompt metadata or body.
- [EXTERNAL_DOWNLOADS]: References to external packages (e.g., axios, big.js, zod, tailwind-merge) and vendor-specific libraries (e.g., @sellernote/sellernote-nestjs-api-property) are standard for modern development environments and are used appropriately within the context of Sellernote conventions.
- [COMMAND_EXECUTION]: Instructions regarding infrastructure (Docker, AWS) follow security best practices, such as running containers as non-root users and applying the principle of least privilege for IAM policies.
- [INDIRECT_PROMPT_INJECTION]: The skill refactors external code files, which is an ingestion point for untrusted data. However, the instructions are strictly scoped to structural patterns, so the risk of the agent executing malicious instructions embedded in user code is minimal given the nature of the refactoring task.
Audit Metadata