The Agent Skills Directory

Indirect Prompt Injection (LOW): The project assembly process uses user-provided requirements to generate code, which is a known surface for indirect prompt injection. 1. Ingestion points: User instructions for project scaffolding in SKILL.md. 2. Boundary markers: No delimiters are specified to isolate user input from the generation logic. 3. Capability inventory: Generation of project files and execution of a local scaffolding script (scripts/scaffold_project.py). 4. Sanitization: No explicit sanitization or validation of user-provided project requirements is documented in the assembly workflow.
SAFE (SAFE): No malicious behaviors, hardcoded credentials, or unsafe external downloads were detected. The skill uses appropriate security measures such as placeholders for WiFi credentials and follows non-blocking code patterns.

arduino-project-builder