The Agent Skills Directory

[SAFE]: The skill is designed for the legitimate purpose of security threat modeling. It uses a structured workflow (STRIDE) and standard file operations to assist developers in identifying system vulnerabilities.
[DATA_EXFILTRATION]: The skill reads architectural and product documentation to perform its analysis. However, it lacks network-enabled tools or instructions to transmit this information to external servers, and its write operations are restricted to the local filesystem.
[PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks, as it processes data from external documentation that may be attacker-controlled.
Ingestion points: Reads files from .chalk/docs/engineering/ and .chalk/docs/product/.
Boundary markers: No delimiters or instructions to ignore embedded commands are specified in the parsing workflow.
Capability inventory: The skill uses Read, Glob, Grep, and Write tools to analyze documents and output findings.
Sanitization: There is no explicit sanitization of input data from the documentation files.
Note: This surface is considered a low risk as the skill's capabilities are limited to generating documentation and do not include code execution or privilege escalation.

create-threat-model