The Agent Skills Directory

[Command Execution] (SAFE): The skill utilizes basic Bash 'test' commands to verify the presence of local configuration files (EXTEND.md) in the project or user home directory. These commands are static and do not pose a risk of injection or privilege escalation.- [Data Exposure & Exfiltration] (SAFE): Analysis of the skill's workflow shows it accesses configuration files specific to its own operation and user-provided source files. No sensitive system paths (e.g., .ssh, .aws) are targeted, and no network transmission of user data to external domains was found.- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not define external package dependencies or download remote scripts. It operates entirely using local reference files and predefined markdown templates.- [Indirect Prompt Injection] (SAFE): While the skill ingests external content to generate image prompts, it implements strict instructional design principles, such as preserving source data verbatim and prohibiting the addition of new information, which significantly mitigates the risk of indirect injection manipulation.- [Metadata Poisoning] (SAFE): All metadata, including the skill name and description, accurately reflect its functionality without hidden instructions or deceptive claims.

baoyu-infographic