The Agent Skills Directory

[SAFE]: The skill follows a standard software engineering workflow for system modernization without introducing dangerous commands, unauthorized file access, or persistence mechanisms.
[SAFE]: No hardcoded credentials, API keys, or sensitive file paths (such as SSH keys or AWS configs) were identified in the instructions or prompts.
[SAFE]: The skill does not perform any external network requests, downloads, or remote script executions from untrusted sources; all operations are delegated to internal subagents using the Task tool.
[SAFE]: No obfuscation techniques, such as Base64-encoded strings, zero-width characters, or homoglyphs, were found in the content.
[SAFE]: The skill identifies a standard surface for indirect prompt injection as it processes external codebase content via $ARGUMENTS. Mandatory Evidence Chain: 1. Ingestion points: $ARGUMENTS (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Subagents perform code analysis, test generation, and architectural refactoring (SKILL.md). 4. Sanitization: Not explicitly mentioned, although the workflow include a dedicated security audit and hardening phase (Phase 3.3). This is considered a legitimate operational surface for the skill's purpose.

framework-migration-legacy-modernize