code-security
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill handles user-provided code snippets for analysis (ingestion points: SKILL.md), creating a surface for indirect prompt injection. Boundary markers for untrusted input are absent, but the skill has no dangerous capabilities (no subprocess/network/exec) to execute malicious instructions.
- [SAFE]: Static analysis findings for 'eval' and 'pickle' are false positives, as they are documentation examples of insecure code (CWE-94, CWE-502), not functional skill code.
- [SAFE]: No hardcoded secrets, exfiltration patterns, or persistence mechanisms were detected. The skill correctly recommends the use of environment variables and secret managers for credential storage.