The Agent Skills Directory

[SAFE]: The skill is a read-only research tool.
[PROMPT_INJECTION]: The skill processes untrusted codebase data (files, grep results, and git logs) as described in SKILL.md, which creates an indirect prompt injection surface. However, the agent's capabilities are limited to summarizing information without performing unsafe actions like network requests or file writes, and no sanitization or boundary markers are necessary for this use case.
[COMMAND_EXECUTION]: The skill uses standard development commands such as grep and git log for research purposes, which is safe within the intended codebase exploration environment.

prior-art