The Agent Skills Directory

[NO_CODE]: The skill consists exclusively of instructional Markdown content (SKILL.md) and does not include any executable scripts, binaries, or configuration files.
[SAFE]: The skill performs audits on untrusted external code, which represents a potential surface for indirect prompt injection. Evidence chain: (1) Ingestion points: Terminal, PTY, and session backend code provided for audit (SKILL.md); (2) Boundary markers: Not explicitly defined in the instructions; (3) Capability inventory: Restricted to audit-only activities, with explicit prohibitions against executing exploits, patching high-risk areas without approval, or uploading secrets; (4) Sanitization: Not specified. The risk is inherent to the skill's primary function and is sufficiently mitigated by its operational guardrails and audit-only mandate.

terminal-pty-audit