security-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): The instructions use natural language to define triggers and procedures for a security review. There are no attempts to bypass safety filters or override system-level instructions.
  • [Data Exposure & Exfiltration] (SAFE): The skill mentions searching for secrets in the codebase using grep, which is a legitimate part of its function as a security tool. It does not contain hardcoded credentials or instructions to exfiltrate data.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill suggests using standard tools like pnpm audit and pip-audit for dependency checks. It does not execute untrusted remote scripts or perform unauthorized downloads.
  • [Indirect Prompt Injection] (SAFE): While the skill is designed to process untrusted code (ingestion surface), which is an inherent risk for review tools, it follows a structured OWASP-based analysis pattern. No malicious behavior triggered by external data was observed. Evidence: 1) Ingestion: Git diffs and file reads via tools. 2) Boundaries: None. 3) Capabilities: File and GitHub access via tools. 4) Sanitization: Structural analysis serves as validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:08 PM