pci-audit

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate security auditing guide focused on PCI DSS v4.0 compliance. It establishes clear boundaries, correctly defining its role as an engineering audit tool rather than an official attestation service.
  • [COMMAND_EXECUTION]: The skill provides functional shell commands and regex patterns using Grep and Bash to identify Primary Account Numbers (PAN) and sensitive database columns. These are appropriate for the stated purpose of identifying PCI data in scope.
  • [EXTERNAL_DOWNLOADS]: References official documentation from well-known industry bodies including pcisecuritystandards.org, NIST, and major card brands (Visa, Mastercard, Amex, Discover). These are trusted sources for security standards.
  • [DATA_EXFILTRATION]: While the skill is designed to search for and identify sensitive cardholder data, it contains no instructions to exfiltrate this data or transmit it to third-party domains. It includes instructions for redacting sensitive data (scrubbing rules) and minimizing retention.
  • [PROMPT_INJECTION]: No evidence of prompt injection, role-play bypasses, or instructions to ignore safety guardrails was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 02:07 AM