The Agent Skills Directory

[SAFE]: The skill uses the Read tool to access project-specific files like .claude/d2c/design-tokens.json and decisions.lock.json. This data is used to ensure code adheres to defined design tokens and project conventions, with no evidence of malicious network activity or unauthorized data access.
[SAFE]: Indirect prompt injection surface exists via the reading of local configuration files. However, given the context of a frontend development skill and the lack of high-risk capabilities (network, write access, or command execution), this is assessed as a safe operational pattern. Ingestion point is the design-tokens.json file; boundary markers and sanitization are absent, but capability is limited to assisted code generation.

d2c-guard