panel-debate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- Prompt Injection (SAFE): No instructions to bypass safety filters, override system prompts, or activate restricted modes were detected in the skill instructions.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not perform remote script execution or download untrusted packages at runtime. It follows standard installation procedures.
- Indirect Prompt Injection (LOW): The skill processes user-provided topics to dynamically generate expert personas and debate content, creating a vulnerability surface for indirect prompt injection. Evidence Chain:
  1. Ingestion points: User topic input provided via $ARGUMENTS and parsed in SKILL.md.
  2. Boundary markers: The workflow uses explicit speaker icons (🎤), rounded-corner panel headers, and synthesis block icons (📋) to delimit agent responses from system instructions.
  3. Capability inventory: The skill logic is purely conversational; no file-writing, subprocess execution, or network capabilities are defined in the provided files.
  4. Sanitization: The skill implements a complexity scoring system (5-15) and a mandatory diversity score (≥60) that act as logical validation steps before the debate begins.
- Persistence & Privilege Escalation (SAFE): No mechanisms for maintaining access across sessions or acquiring elevated system permissions were detected.