check-12-factor-compliance

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The documentation includes placeholder secrets (e.g., 'sk-live-abc123xyz', 'secret123') used within 'BAD' code examples to demonstrate non-compliant security practices. These are educational markers and not functional credentials.
  • [COMMAND_EXECUTION]: Provides shell-ready grep patterns for the agent to identify configuration patterns, credentials, and stateful code in PHP files.
  • [PROMPT_INJECTION]: The skill is designed to process external PHP source code, creating an indirect ingestion point for data.
      * Ingestion points: PHP source files matched by grep patterns in the project directory.
      * Boundary markers: No delimiters or explicit instructions to ignore embedded content are provided.
      * Capability inventory: Functionality is restricted to file system reading via grep; the skill lacks network access, file writing, or arbitrary code execution capabilities.
      * Sanitization: No sanitization is performed on the source code being analyzed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 09:57 AM