code-understanding

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE

Full Analysis
  • [PROMPT_INJECTION]: No attempts to bypass AI safety guidelines or override system instructions were detected. The skill uses instructional language consistent with its purpose as a security research assistant.
  • [DATA_EXFILTRATION]: The skill does not contain hardcoded credentials or network operations targeting untrusted domains. It focuses on reading local code files and writing structured JSON results to a local work directory ($WORKDIR).
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns were found. The skill references local libexec/ scripts for coverage reporting, which is a standard pattern for extending agent functionality within a controlled environment.
  • [OBFUSCATION]: The skill's content is clear and uses standard Markdown/YAML formatting. No hidden characters, Base64-encoded instructions, or homoglyph substitutions were detected.
  • [PRIVILEGE_ESCALATION]: The skill does not request or use elevated privileges like sudo. It explicitly instructs the agent to run local scripts in their exact form to comply with platform permission systems.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted codebase data (Category 8), it includes specific 'MUST-GATEs' (U1, U5) and 'TEACH' mode requirements that mandate reading actual code and providing evidence-based conclusions, which mitigates the risk of blindly following instructions embedded in analyzed data.

Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 10:58 AM