The Agent Skills Directory

[SAFE]: The skill focuses on providing design advice and review guidelines. All instructions in SKILL.md and references/review-checklist.md are consistent with the stated purpose of UI design education.
[SAFE]: The Python script scripts/audit_css.py performs static analysis using regular expressions to detect design anti-patterns. It does not use any dangerous functions like eval(), exec(), or subprocess, nor does it perform any network operations.
[SAFE]: The script implements file filtering in the collect_files function, restricting its analysis to .css, .scss, .html, and .htm files, which reduces the risk of unintended file exposure.
[SAFE]: No obfuscation (Base64, hex, zero-width characters) or hardcoded credentials were found across the skill files.
[SAFE]: Indirect Prompt Injection: While the skill is designed to process untrusted user-provided CSS and HTML code, the attack surface is limited as the analysis is focused on visual design principles and the utility script only performs static regex-based checks without executing the code.

refactoring-ui