sast-businesslogic
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a comprehensive security analysis workflow for detecting flaws like price manipulation, workflow bypass, and race conditions. It follows best practices for structured analysis by separating threat modeling from verification and consolidating results into a final report (`sast/businesslogic-results.md`).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it is designed to ingest and analyze untrusted source code and architecture summaries.
  1. Ingestion points: The skill reads `sast/architecture.md` and searches the codebase for endpoint definitions and business logic models.
  2. Boundary markers: The subagent prompts do not currently include explicit delimiters or instructions to ignore embedded commands within analyzed code.
  3. Capability inventory: The skill utilizes capabilities to write several markdown files to the `sast/` directory and generates templates for manual verification via `curl`.
  4. Sanitization: There is no evidence of sanitization or escaping of the ingested code content before it is processed by the AI subagents. However, as this is the primary intended function of a SAST tool and results are written locally for human review, this represents an inherent characteristic rather than a malicious finding.
Audit Metadata