The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or safety bypasses were detected in the analyzed instruction files.
[DATA_EXPOSURE]: The skill handles project-sensitive information (e.g., business models, stakeholder lists, contract terms) using local markdown templates and YAML frontmatter. All data operations are local to the project's workspace, and there are no signs of hardcoded credentials or external exfiltration mechanisms.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It uses standard file operations to manage project documentation and relies on user input for all content generation.
[COMMAND_EXECUTION]: There is a mention of a 'cp' command in a usage guide, but it is provided as a manual instruction for the user to manage templates, not as a command to be executed silently by the agent.
[INDIRECT_PROMPT_INJECTION]: Step 19 involves analyzing external URLs for design inspiration. While this represents a data ingestion surface, the agent's role is restricted to visual and UX pattern extraction, which minimizes the risk of following malicious instructions embedded in remote web content.

wds-1-project-brief