The Agent Skills Directory

Security Audit (SAFE): The skill is primarily defensive, including specific tasks for secret scanning (gitleaks), dependency auditing (npm/pip audit), and OWASP Top 10 compliance validation.
Indirect Prompt Injection (SAFE): While the skill analyzes untrusted code, it does so within a structured verification framework using defined reporting templates and specialized sub-agents, which mitigates the risk of adversarial code influencing the auditing process.
Command Execution (SAFE): The skill references standard development tools such as Ruff, Biome, and tsc. These tools are used for their intended purposes (linting and type checking) within a controlled audit context.
Data Exposure & Exfiltration (SAFE): No evidence of hardcoded credentials or data exfiltration attempts was found. The skill proactively checks for secrets in the codebase being verified to prevent data exposure.

verify