reviewing-developer-guide

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill contains no instructions to bypass safety filters or override system prompts. The 'Hard rules' section provides functional constraints for output formatting and logical consistency in the review workflow, which is standard for specialized agent skills.
  • [DATA_EXFILTRATION]: No network requests (e.g., curl, wget) or sensitive file path access (e.g., .ssh, .aws) were found. The skill's workflow involves evaluating how documentation handles credentials (advocating for environment variables over hardcoded secrets), but it does not attempt to access or exfiltrate the user's actual environment variables.
  • [REMOTE_CODE_EXECUTION]: There is no evidence of remote script fetching, package installation, or code evaluation. The skill is purely instructional and descriptive.
  • [COMMAND_EXECUTION]: The skill does not contain any shell commands, subprocess calls, or persistence mechanisms.
  • [INDIRECT_PROMPT_INJECTION]: While the skill is designed to process untrusted external content (developer guides provided by the user), it has no exploitable capabilities such as file writing or network access. The output is restricted to a text-based verdict and feedback, minimizing the risk of a multi-step attack chain.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 14, 2026, 07:31 PM
Security Audit — agent-trust-hub — reviewing-developer-guide