trades-builder
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities were detected in the skill instructions or metadata. The skill focuses on defining UI components (shadcn/ui) and data models for industry-specific project management.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external business descriptions (DOMAIN.md) and user transcripts to generate code.
  1. Ingestion points: Data enters the context via domain files and user-provided transcripts.
  2. Boundary markers: No explicit delimiters or ignore instructions for the external content are defined.
  3. Capability inventory: The agent is restricted to UI generation and localStorage management; it lacks network access or shell execution capabilities.
  4. Sanitization: No explicit validation of ingested business rules is required.

  The overall risk is safe as the skill's capabilities are limited to UI prototyping and data is stored locally.
Audit Metadata