prompt-engineer

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns detected.
  • [PROMPT_INJECTION]: Static detections in references/hardening-checklist.md are identified as false positives. These files contain educational content and testing instructions designed to help users prevent prompt injection and system prompt extraction. The skill's logic explicitly enforces instruction priority and trust boundaries.
  • [COMMAND_EXECUTION]: The included utility script scripts/validate-references.py is used for internal reference validation. It contains no dangerous calls such as eval or os.system, performs no network access, and exclusively does local file reading and text processing.
  • [DATA_EXFILTRATION]: The skill does not access sensitive local files or perform unauthorized network operations. References to external documentation URLs point to well-known, trusted technology providers (OpenAI, Anthropic, Google, Meta).
  • [INDIRECT_PROMPT_INJECTION]: The skill provides comprehensive guidance on mitigating indirect prompt injection. It defines ingestion points (RAG docs, tool results), recommends boundary markers (XML tags), and details sanitization and validation strategies for processing untrusted content.
  • [SAFE]: The skill includes explicit rules to refuse the execution of prompts or the construction of functional agents, effectively limiting its operational scope to design and analysis.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 11:12 PM