explain-code
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily a formatting and instructional template for code analysis and does not contain any malicious code, external dependencies, or persistence mechanisms.
- [DATA_EXFILTRATION]: The instructions include a specific security guardrail: 'Do not include long literals, secrets, or opaque blobs when a placeholder teaches the same point'. This is a best practice to prevent the accidental exposure of sensitive information found in the analyzed code.
- [PROMPT_INJECTION]: The skill processes external data (user code and diffs), which is a surface for indirect prompt injection. However, the risk is mitigated by the 'disable-model-invocation: true' setting in the YAML frontmatter, which prevents the agent from being manipulated into calling other tools.