rfc-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill incorporates a research workflow that ingests untrusted data from GitHub repositories via the octocode MCP tools.
  1. Ingestion points: `SKILL.md` (Phase 3) utilizes research tools including `githubGetFileContent`, `githubSearchCode`, and `packageSearch`.
  2. Boundary markers: The skill instructions isolate research tasks within dedicated subagents using `subagent_type='Explore'`, though no explicit prompt delimiters are defined for the ingested data.
  3. Capability inventory: `SKILL.md` (Phase 3 and Phase 6) leverages GitHub research tools and performs local file writing to the `docs/rfcs/` directory.
  4. Sanitization: External content is filtered and refined through a multi-step synthesis process and a secondary objective review phase performed by a 'Roast' subagent. This design effectively manages potential indirect prompt injection risks associated with processing external code.
- [SAFE]: Local file system activity is strictly limited to saving generated RFC documents in the `docs/rfcs/` directory, which is consistent with the skill's primary function and does not pose a threat to system integrity. No access to sensitive system files, environment variables, or hardcoded credentials was identified.
- [SAFE]: Installation and configuration instructions reference the author's official GitHub repository and legitimate community tools like the octocode MCP. These resources are well-known in the developer ecosystem and are documented neutrally without any suspicious remote code execution or exfiltration patterns.
Audit Metadata