
sast-idor

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a clear, structured methodology for performing security audits. It defines strict boundaries for identifying vulnerabilities versus legitimate patterns, reducing the risk of false positives or misinterpretation.
  • [INDIRECT_PROMPT_INJECTION]: As a static analysis tool, the skill naturally ingests untrusted data from the user's codebase. It mitigates potential injection risks by providing specific 'What IDOR is NOT' definitions and requiring the agent to trace full code paths from route to database, which maintains the agent's focus on structural logic rather than embedded text instructions.
  • [COMMAND_EXECUTION]: The skill uses subagents to perform parallel verification. This is an internal orchestration pattern of the agent platform and does not involve the execution of arbitrary or dangerous system commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 07:59 AM