The Agent Skills Directory

[SAFE]: The skill's primary purpose is providing structured feedback on developer experience. It uses standard platform tools (Read, Edit, Grep, Bash, WebSearch) to analyze project context and provide recommendations.
[COMMAND_EXECUTION]: The skill uses bash to gather project metadata (e.g., git log, gh pr view, package.json inspection). These operations are scoped to project context discovery and do not involve sensitive path access or persistence mechanisms.
[EXTERNAL_DOWNLOADS]: The skill utilizes WebSearch to perform competitive benchmarking. This is a legitimate use case for gathering industry standards (e.g., TTHW data) and does not involve downloading or executing untrusted code or binaries.
[PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The skill contains instructional headers like 'CRITICAL RULE' and 'IMPORTANT', which are used for internal logic flow and quality control rather than attempting to bypass safety filters or extract system prompts.
[DATA_EXFILTRATION]: There are no patterns indicating sensitive data exfiltration. Network operations via WebSearch are targeted at public documentation and industry benchmarks. No access to sensitive files (e.g., .ssh, .aws/credentials) is requested or performed.

plan-devex-review