prompt-optimizer

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill contains explicit instructions to avoid executing any user tasks, writing code, creating files, or running commands. It is strictly advisory, which significantly reduces the risk of malicious command execution through prompt injection.
  • [DATA_EXFILTRATION]: No network operations or data exfiltration patterns were detected. The skill reads local project metadata files (such as package.json, go.mod, and pyproject.toml) solely to identify the technology stack and provide relevant prompting advice within the local environment.
  • [PROMPT_INJECTION]: While the skill processes user-provided draft prompts (which could contain malicious instructions), it includes robust self-protection instructions. It explicitly tells the agent to remain in 'advisory mode' and to refuse to switch to implementation even if the user demands it (e.g., 'just do it').
  • [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It references 'Agent Skills' using Cursor's native /skill-name syntax, which refers to locally installed extensions within the user's controlled IDE environment.
  • [SAFE]: The project detection phase relies on standard manifest files (like AGENTS.md, package.json, requirements.txt) to provide context-aware advice, which is standard and safe behavior for development-oriented AI tools.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 07:11 PM