The Agent Skills Directory

[SAFE]: The skill consists exclusively of markdown documentation, JSON schemas, and usage examples. No executable scripts (.sh, .py, .js) or binaries are included in the package.
[SAFE]: No external dependencies or remote code execution patterns were identified. The skill does not attempt to install packages via npm, pip, or similar managers.
[SAFE]: There are no network operations detected. The instructions do not involve fetching remote data or exfiltrating information via tools like curl or wget.
[SAFE]: No credential exposure or sensitive file access was found. The skill operates on a user-provided image (reference.png) and outputs design specifications to a dedicated local directory (03_visual_spec/).
[SAFE]: The instructions are task-oriented and do not contain patterns indicative of prompt injection, such as attempts to bypass safety filters or override system prompts.
[SAFE]: Although the skill processes external data (user-provided screenshots), it lacks any high-risk capabilities (like network access or command execution) that could be exploited via indirect prompt injection.

visual-to-spec