The Agent Skills Directory

[SAFE]: The skill uses Amplicode MCP tools to read project metadata and provides boilerplate security code based on official Spring Security documentation. It adds official dependencies from trusted repositories such as Maven Central.- [PROMPT_INJECTION]: The skill is a code generator that interpolates user-provided data into source files, creating an indirect prompt injection surface. (1) Ingestion points: User input for endpoints, client IDs, and role names in SKILL.md and reference files. (2) Boundary markers: Not used in the templates. (3) Capability inventory: MCP tools to write to the file system and modify build configuration files. (4) Sanitization: No sanitization of user input is performed before interpolation into Java/Kotlin files.- [CREDENTIALS_UNSAFE]: The skill facilitates the configuration of sensitive credentials such as client secrets and LDAP passwords. These are written to the project's application.properties file, which is a standard and expected practice for Spring Boot application configuration.

spring-security-configuration