The Agent Skills Directory

[NO_CODE]: The skill consists entirely of markdown instructions and configuration metadata, with no accompanying scripts or executable logic.
[SAFE]: All external URLs point to authoritative compliance and standards bodies, specifically NIST, ISO, AICPA, and the PCI Security Standards Council.
[PROMPT_INJECTION]: The skill interpolates user input via the $ARGUMENTS placeholder. 1. Ingestion points: $ARGUMENTS variable in SKILL.md. 2. Boundary markers: None present. 3. Capability inventory: No tools, file system access, or network capabilities are defined. 4. Sanitization: No input validation or escaping logic exists. However, due to the total absence of executable capabilities, this represents no functional risk.

audit-preparation