The Agent Skills Directory

[SAFE]: The skill's primary purpose is to facilitate security analysis. It implements a disciplined approach to threat modeling, requiring evidence-backed claims and explicit documentation of assumptions.
[PROMPT_INJECTION]: As a tool for analyzing external codebases, the skill possesses an attack surface for indirect prompt injection via the files it processes.
Ingestion points: The skill reads local repository files (source code, configuration, and documentation) provided by the user.
Boundary markers: The workflow relies on natural language instructions and Markdown formatting to delineate analysis from raw data. It lacks specific 'ignore embedded instructions' delimiters for the ingested code content.
Capability inventory: The skill is designed to write a Markdown report to a local file (e.g., <repo-name>-threat-model.md) and recommends using rg (Ripgrep) for exploration.
Sanitization: The instructions include a mandatory security hygiene rule to redact any discovered secrets (tokens, keys, passwords) and only describe their location, which mitigates data exposure risk.
[COMMAND_EXECUTION]: The prompt template mentions using rg (Ripgrep) if available to explore the codebase. This is a legitimate use of a common developer tool within the scope of security analysis and does not constitute arbitrary command execution.

security-threat-model