The Agent Skills Directory

[Category 1: Prompt Injection] (SAFE): The instructions are focused on guiding the user through a design process. There are no attempts to override system prompts or bypass safety guidelines.- [Category 2: Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files or perform any network operations. It only reads the user's input and current directory state for context.- [Category 4: Unverifiable Dependencies] (SAFE): No external packages or remote scripts are downloaded or executed. References to other skills are internal to the system framework.- [Category 8: Indirect Prompt Injection] (LOW): The skill processes user-provided feature descriptions and project ideas (untrusted data). While this is an ingestion surface, the risk is low as the skill's primary output is natural language design proposals rather than executable code or system commands. Delegated actions (Phase 4 and 5) rely on the security of the target skills (e.g., 'Writing Plans').- [Category 10: Dynamic Execution] (SAFE): There is no evidence of runtime code generation, compilation, or unsafe deserialization. The skill operates entirely through structured prompting and logical flow control.

Brainstorming Ideas Into Designs