vercel-deepsec
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a ported version of the Vercel DeepSec benchmark prompt, designed for broad application security reviews. It correctly implements the benchmark contract and investigation process from the upstream source.
- [SAFE]: External references target trusted organizations or reputable security organizations (OWASP). These are used neutrally for documentation and context.
- [SAFE]: The skill requests access to standard analysis tools (Read, Grep, Glob, Bash) which are necessary and appropriate for its stated function of scanning source code for vulnerabilities.
- [SAFE]: The skill processes untrusted code as part of its primary function. While this presents an indirect prompt injection surface, it is inherent to the tool's purpose and mitigated by the agent's role as a senior researcher.
  - Ingestion points: Target files read for security analysis as described in SKILL.md.
  - Boundary markers: Absent for the code under review.
  - Capability inventory: File system access and shell execution via Read, Grep, Glob, and Bash tools.
  - Sanitization: Not applicable for static analysis of code files.
Audit Metadata