The Agent Skills Directory

[SAFE]: The skill consists entirely of Markdown-based templates, reference guides, and instructional logic. No executable scripts (.py, .js, .sh), binary files, or external code dependencies are present.
[SAFE]: The templates for internal projects (e.g., templates/internal.md) correctly use placeholders for sensitive configuration like API_KEY and DATABASE_URL. It provides best-practice guidance by directing users to secure credential management tools rather than hardcoding secrets.
[PROMPT_INJECTION]: The skill processes untrusted local data when reviewing the project state to update documentation, which creates an indirect prompt injection surface. This is evaluated as safe given the narrow scope of the skill's write capabilities.
Ingestion points: SKILL.md (Step 2: Reviewing/refreshing instructions to read package.json and project files).
Boundary markers: Absent.
Capability inventory: Local file writes (modifying README.md).
Sanitization: Absent.
[SAFE]: No obfuscation (Base64, zero-width characters, or homoglyphs), persistence mechanisms, or unauthorized privilege escalation commands were detected in any of the skill files.

crafting-effective-readmes