The Agent Skills Directory

[SAFE]: Comprehensive review of the skill instructions and reference files revealed no malicious patterns, unauthorized data access, or dangerous command execution.
[DATA_EXFILTRATION]: While the skill analyzes local codebase content (exports, types, and comments), this data is processed locally to generate documentation. No instructions were found that attempt to exfiltrate this information to external servers or non-whitelisted domains.
[PROMPT_INJECTION]: The skill analyzes local codebase content (code and comments), which is a surface for indirect prompt injection. However, the risk is minimal as the skill's capabilities are limited to generating a Markdown file and do not include code execution or network operations. Evidence chain for this surface: (1) Ingestion points: local codebase files recursively analyzed from the README location; (2) Boundary markers: none specified; (3) Capability inventory: limited to reading files and writing/updating README.md; (4) Sanitization: none specified in instructions.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. References to package managers (npm, pnpm, yarn, bun) are used exclusively for detecting the project environment and providing correct installation instructions within the generated documentation.
[COMMAND_EXECUTION]: The skill does not perform arbitrary shell command execution. Its operations are restricted to reading project files and writing Markdown documentation.

accelint-readme-writer