The Agent Skills Directory

[DYNAMIC_EXECUTION]: The scripts scripts/secret_scanner.py and scripts/threat_modeler.py utilize the __import__ function to load the datetime module for report timestamping. In this context, the behavior is transparent and benign, involving only a standard library module.
[COMMAND_EXECUTION]: The skill provides utility scripts for local use. secret_scanner.py performs file system reads to identify potential hardcoded credentials, and threat_modeler.py provides an interactive framework for risk assessment. Both tools operate within the scope of the user's local environment as described.
[PROMPT_INJECTION]: The skill contains no instructions designed to override agent behavior, bypass safety guardrails, or extract system prompts. The content is strictly instructional and follows established security engineering methodologies like STRIDE and OWASP.
[SAFE]: The documentation promotes security best practices, including the use of authenticated encryption (AES-GCM), secure password hashing (Argon2id), and parameterized queries. No exfiltration paths, persistence mechanisms, or obfuscated payloads were detected.

senior-security