The Agent Skills Directory

[SAFE]: The skill instructions and associated reference materials are focused entirely on improving code quality, adhering to design patterns, and maintaining programming conventions. No malicious commands, unauthorized network operations, or persistence mechanisms are present.
[DATA_EXPOSURE]: Analysis of the skill body and referenced files confirmed the absence of hardcoded credentials (API keys, tokens) or access to sensitive local file paths like SSH configurations or environment files.
[REMOTE_CODE_EXECUTION]: The skill does not include instructions for downloading or executing remote scripts, nor does it attempt to install unverified third-party packages.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to process user-supplied code, which constitutes an external data ingestion surface.
Ingestion points: Code snippets and script files provided by the user in the conversation context for the purpose of review or refactoring (SKILL.md).
Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands within the user's code.
Capability inventory: The skill is limited to static analysis and text generation. It does not invoke subprocesses, file system write operations, or network tools.
Sanitization: No specific sanitization or filtering logic is implemented for the processed code, relying instead on the underlying model's safety guardrails.

code-guard-review-cn