The Agent Skills Directory

SAFE (SAFE): The skill is purely informational and serves as a reference for security professionals. No unauthorized file access, credential harvesting, or network-based exfiltration patterns were detected.\n- NO_CODE (SAFE): The skill contains no executable scripts (Python, Node.js, or Shell). All included files are Markdown-based documentation or templates. While the documentation contains example payloads and commands (e.g., SQL injection strings and Hydra commands), these are provided for manual study and are not executed by the skill itself.\n- Indirect Prompt Injection Surface (LOW): The file 'agent_knowledge_extraction_template.md' is a prompt designed to process external vulnerability data. This constitutes an ingestion point for untrusted data. However, the risk is classified as LOW because the template does not grant the agent any dangerous capabilities (such as system command execution or internet access) that could be triggered by malicious content in the input data.\n- Capability Inventory (SAFE): The skill's primary function is text processing and information retrieval. It does not request or utilize advanced permissions like system-level modification or external network communication.

vuln-analysis-expert