solutions-architect
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, data exfiltration, or unauthorized command execution was found. The skill operates locally on provided data and its instructions are focused on architectural tasks. There is a documentation discrepancy in SKILL.md regarding script names, but this appears to be a non-malicious consistency issue.
- [PROMPT_INJECTION]: The skill features scripts that ingest external technical data (JSON/CSV), creating a surface for indirect prompt injection. The risk is assessed as safe because the scripts have no dangerous capabilities.
  - Ingestion points: The scripts architecture_scorer.py, migration_assessor.py, and sizing_calculator.py read data from files via the --data parameter.
  - Boundary markers: The scripts and templates do not employ delimiters or warnings to ignore instructions within the data.
  - Capability inventory: The scripts are limited to data parsing and calculation; they do not possess network, file-writing, or shell-execution permissions.
  - Sanitization: Content is parsed using standard JSON/CSV libraries with no further sanitization before being included in generated reports.
Audit Metadata