ask-questions-if-underspecified
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Overall Assessment] (SAFE): The skill consists entirely of instructional text to guide the agent's logic for clarifying user requests. It contains no code, shell commands, or external dependencies.
- [Data Exposure & Exfiltration] (SAFE): There are no patterns suggesting the exfiltration of sensitive data. While it mentions reading configuration files for discovery, this is a standard agent function and no network transmission commands (like curl or wget) are present.
- [Prompt Injection] (SAFE): The instructions do not attempt to bypass agent safety filters or override system-level instructions. The workflow is designed to increase transparency and alignment with the user.
- [Indirect Prompt Injection] (INFO): The skill instructs the agent to read 'relevant config files' from a repository. While reading untrusted external data is a potential injection vector (Category 8c), the skill actually serves as a mitigation by enforcing a 'pause before acting' phase and requiring user confirmation before executing tasks.
Audit Metadata