github-actions-hardening

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed as a defensive security tool to review and harden GitHub Actions workflow files. It identifies common misconfigurations such as the use of privileged triggers like pull_request_target and issue_comment without proper sanitization.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were found. The skill's instructions focus on providing structured security feedback and do not attempt to bypass agent safety filters.
  • [DATA_EXFILTRATION]: No network exfiltration or unauthorized data access patterns were detected. The skill correctly identifies and warns against secret exposure in CI/CD logs.
  • [REMOTE_CODE_EXECUTION]: The skill does not execute or download remote code. It provides guidance on detecting RCE in workflows (e.g., checking out and running untrusted fork code in a privileged context) and recommends security best practices like SHA-pinning for third-party actions.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted workflow files from users (ingestion surface), it mitigates the risk of indirect injection through systematic analysis steps, defined severity guides, and professional reporting templates. It recommends safe patterns (e.g., using environment variables instead of direct interpolation) for the code it audits.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 09:25 AM