The Agent Skills Directory

[Indirect Prompt Injection] (SAFE): The skill is designed to ingest and analyze external codebases, creating a potential surface for indirect prompt injection. However, the methodology explicitly includes verification steps and context-aware guidelines that serve as boundary markers to prevent the agent from blindly following instructions embedded in audited code. Ingestion points: Local source code files provided for auditing. Boundary markers: The skill documentation (SKILL.md, docs/methodology.md) emphasizes verification ('Always verify') and contextual analysis. Capability inventory: Suggested use of standard local analysis tools (grep, semgrep, bandit, slither). Sanitization: Relies on the agent's analytical role rather than automated execution of the content being audited.
[Data Exposure & Exfiltration] (SAFE): While the skill contains examples of hardcoded credentials (e.g., 'sk-abc123...'), these are clearly marked as 'BAD' examples for educational purposes and utilize placeholder values rather than functional keys.
[Unverifiable Dependencies & Remote Code Execution] (SAFE): The methodology suggests using well-known, industry-standard security tools (Semgrep, Bandit, Slither). These are intended to be run in a local environment for analysis and do not involve executing untrusted remote scripts.

vulnhunter